Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| powereasy | siteweaver | 2006 |
| powereasy | siteweaver | 6.8 |