Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter.
Software | From | Fixed in |
---|---|---|
tunez / tunez | 0.1 | 0.1.x |
tunez / tunez | 0.2 | 0.2.x |
tunez / tunez | 0.3 | 0.3.x |
tunez / tunez | 0.4 | 0.4.x |
tunez / tunez | 0.5 | 0.5.x |
tunez / tunez | 0.5.5 | 0.5.5.x |
tunez / tunez | 0.7 | 0.7.x |
tunez / tunez | 0.9 | 0.9.x |
tunez / tunez | 1.0.0 | 1.0.0.x |
tunez / tunez | 1.1 | 1.1.x |
tunez / tunez | 1.15 | 1.15.x |
tunez / tunez | 1.20 | 1.20.x |
tunez / tunez | 1.21 | 1.21.x |