Cross-site scripting (XSS) vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| spamtitan | spamtitan | 5.07 |
| spamtitan | spamtitan | 5.05 |
| spamtitan | spamtitan | 6.01 |
| spamtitan | spamtitan | 5.08 |
| spamtitan | spamtitan | 6.00 |
| spamtitan | spamtitan | 5.04 |
| spamtitan | spamtitan | 5.10 |
| spamtitan | spamtitan | * |
| spamtitan | spamtitan | 5.13 |
| spamtitan | spamtitan | 5.12 |
| spamtitan | spamtitan | 5.06 |
| spamtitan | spamtitan | 5.11 |