Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Jetbox_cms |
Jetbox |
2.1_sr1 |
2.1_sr1 |
References