Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webcheck | webcheck | 1.9.3 |
| webcheck | webcheck | 1.9.0 |
| webcheck | webcheck | * |
| webcheck | webcheck | 1.9.1 |
| webcheck | webcheck | 1.9.2 |
| webcheck | webcheck | 1.9.4 |