Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags.
Software | From | Fixed in |
---|---|---|
ajax-spell / ajax-spell | 1.1 | 1.1.x |
ajax-spell / ajax-spell | 1.2 | 1.2.x |
ajax-spell / ajax-spell | 1.3 | 1.3.x |
ajax-spell / ajax-spell | 1.4 | 1.4.x |
ajax-spell / ajax-spell | 1.5 | 1.5.x |
ajax-spell / ajax-spell | 1.6 | 1.6.x |
ajax-spell / ajax-spell | 1.7 | 1.7.x |