Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xperience | sandsurfer | 1.6.5 |
| xperience | sandsurfer | 1.6.2 |
| xperience | sandsurfer | 1.7.0 |
| xperience | sandsurfer | 1.6.3 |
| xperience | sandsurfer | 1.6.4 |