Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Software | From | Fixed in |
---|---|---|
dotcms / dotcms | 1.0 | 1.0.x |
dotcms / dotcms | 1.2.0 | 1.2.0.x |
dotcms / dotcms | 1.5.0 | 1.5.0.x |
dotcms / dotcms | 1.5.1 | 1.5.1.x |
dotcms / dotcms | 1.5.1.1 | 1.5.1.1.x |
dotcms / dotcms | 1.6 | 1.6.x |
dotcms / dotcms | 1.6-rc1 | 1.6-rc1.x |
dotcms / dotcms | 1.6-rc2 | 1.6-rc2.x |
dotcms / dotcms | 1.6-rc3 | 1.6-rc3.x |
dotcms / dotcms | 1.6.0.1 | 1.6.0.1.x |
dotcms / dotcms | 1.6.0.2 | 1.6.0.2.x |
dotcms / dotcms | 1.6.0.3 | 1.6.0.3.x |
dotcms / dotcms | 1.6.0.4 | 1.6.0.4.x |