In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| craftedweb_project | craftedweb | * |
CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| craftedweb_project | craftedweb | * |