Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypass security protections and inject arbitrary web script or HTML via an ABOUT: URI, which is displayed in the title bar of the browser.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sitekiosk | Sitekiosk | 5.0.264 | 5.0.264 |
Sitekiosk | Sitekiosk | 4.9.11 | 4.9.11 |
Sitekiosk | Sitekiosk | 6.2.51 | 6.2.51 |
Sitekiosk | Sitekiosk | 4.96.0 | 4.96.0 |
Sitekiosk | Sitekiosk | 6.0.14 | 6.0.14 |
Sitekiosk | Sitekiosk | 5.5.34 | 5.5.34 |
Sitekiosk | Sitekiosk | 5.0.238 | 5.0.238 |
Sitekiosk | Sitekiosk | 5.0.35 | 5.0.35 |
Sitekiosk | Sitekiosk | 5.0.36 | 5.0.36 |
Sitekiosk | Sitekiosk | 5.5.45 | 5.5.45 |
Sitekiosk | Sitekiosk | 6.0.98_final | 6.0.98_final |
Sitekiosk | Sitekiosk | 5.0.19 | 5.0.19 |
Sitekiosk | Sitekiosk | 5.5.39 | 5.5.39 |
Sitekiosk | Sitekiosk | 4.96.3 | 4.96.3 |
Sitekiosk | Sitekiosk | 5.0.26 | 5.0.26 |
Sitekiosk | Sitekiosk | 5.0.38 | 5.0.38 |
Sitekiosk | Sitekiosk | 4.9.14 | 4.9.14 |
Sitekiosk | Sitekiosk | 5.0.32 | 5.0.32 |
Sitekiosk | Sitekiosk | 5.5.35 | 5.5.35 |
Sitekiosk | Sitekiosk | 5.0.41 | 5.0.41 |
Sitekiosk | Sitekiosk | 5.0.248 | 5.0.248 |
Sitekiosk | Sitekiosk | 4.97.0 | 4.97.0 |
Sitekiosk | Sitekiosk | 6.5.149 | 6.5.149 |
Sitekiosk | Sitekiosk | 5.5.36 | 5.5.36 |
Sitekiosk | Sitekiosk | 4.96 | 4.96 |