Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the comment_text parameter to the user comment page (/edit/Comment).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siteframe | siteframe_beaumont | 5.0.2 |
| siteframe | siteframe_beaumont | 5.0.1 |
| siteframe | siteframe_beaumont | 5.0.1a |