Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (categories field). NOTE: some details are obtained from third party information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php_iaddressbook | Clemens_wacha | 0.94 | 0.94 |
Php_iaddressbook | Clemens_wacha | 0.92 | 0.92 |
Php_iaddressbook | Clemens_wacha | 0.93 | 0.93 |
Php_iaddressbook | Clemens_wacha | 0.9 | 0.9 |
Php_iaddressbook | Clemens_wacha | 0.91a | 0.91a |
Php_iaddressbook | Clemens_wacha | 0.91 | 0.91 |