Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nishishi | fumy_news_clipper | 2.0 |
| nishishi | fumy_news_clipper | 2.4.0 |
| nishishi | fumy_news_clipper | 2.1.0 |
| nishishi | fumy_news_clipper | 2.3.0 |
| nishishi | fumy_news_clipper | 2.2.0 |
Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher's Schedule Board 1.10 through 2.21 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nishishi | fumy_teachers_schedule_board | 2.10 |
| nishishi | fumy_teachers_schedule_board | 2.21 |
| nishishi | fumy_teachers_schedule_board | 1.10 |
| nishishi | fumy_teachers_schedule_board | 2.00 |
| nishishi | fumy_teachers_schedule_board | 2.20 |