Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
Software | From | Fixed in |
---|---|---|
cofax / cofax | 1.9.9c | 1.9.9c.x |
cofax / cofax | 1.9.9d | 1.9.9d.x |
cofax / cofax | 2.0_rc1 | 2.0_rc1.x |
cofax / cofax | 2.0_rc2 | 2.0_rc2.x |
cofax / cofax | 2.0_rc3 | 2.0_rc3.x |