Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| festic | semanticscuttle | 0.91 |
| festic | semanticscuttle | 0.89 |
| festic | semanticscuttle | 0.93 |
| festic | semanticscuttle | 0.87 |
| festic | semanticscuttle | 0.92 |
| festic | semanticscuttle | 0.90 |
| festic | semanticscuttle | 0.85 |
| festic | semanticscuttle | * |
| festic | semanticscuttle | 0.86 |
| festic | semanticscuttle | 0.88 |