Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit feature is enabled, allows remote authenticated users to inject arbitrary web script or HTML via the select_single parameter.
| Software | From | Fixed in |
|---|---|---|
| dadabik / dadabik | - | 4.3.x |
| dadabik / dadabik | 1.0-beta | 1.0-beta.x |
| dadabik / dadabik | 1.0.1-beta | 1.0.1-beta.x |
| dadabik / dadabik | 1.0.2-beta | 1.0.2-beta.x |
| dadabik / dadabik | 1.0.3-beta | 1.0.3-beta.x |
| dadabik / dadabik | 1.0.4-beta | 1.0.4-beta.x |
| dadabik / dadabik | 1.0.5-beta | 1.0.5-beta.x |
| dadabik / dadabik | 1.1-beta | 1.1-beta.x |
| dadabik / dadabik | 1.5 | 1.5.x |
| dadabik / dadabik | 1.5b | 1.5b.x |
| dadabik / dadabik | 1.6 | 1.6.x |
| dadabik / dadabik | 1.7 | 1.7.x |
| dadabik / dadabik | 1.8 | 1.8.x |
| dadabik / dadabik | 1.9 | 1.9.x |
| dadabik / dadabik | 1.9.1 | 1.9.1.x |
| dadabik / dadabik | 2.0-beta | 2.0-beta.x |
| dadabik / dadabik | 2.0.1-beta | 2.0.1-beta.x |
| dadabik / dadabik | 2.1-beta | 2.1-beta.x |
| dadabik / dadabik | 2.1b-beta | 2.1b-beta.x |
| dadabik / dadabik | 2.2-beta | 2.2-beta.x |
| dadabik / dadabik | 2.2.1 | 2.2.1.x |
| dadabik / dadabik | 2.2.1-beta | 2.2.1-beta.x |
| dadabik / dadabik | 3.0 | 3.0.x |
| dadabik / dadabik | 3.0-beta | 3.0-beta.x |
| dadabik / dadabik | 3.1-beta | 3.1-beta.x |
| dadabik / dadabik | 3.2 | 3.2.x |
| dadabik / dadabik | 3.2-beta | 3.2-beta.x |
| dadabik / dadabik | 4.0 | 4.0.x |
| dadabik / dadabik | 4.0-alpha | 4.0-alpha.x |
| dadabik / dadabik | 4.0-beta | 4.0-beta.x |
| dadabik / dadabik | 4.0-beta2 | 4.0-beta2.x |
| dadabik / dadabik | 4.1 | 4.1.x |
| dadabik / dadabik | 4.1-beta | 4.1-beta.x |
| dadabik / dadabik | 4.1-rc1 | 4.1-rc1.x |
| dadabik / dadabik | 4.1-rc2 | 4.1-rc2.x |
| dadabik / dadabik | 4.1-rc3 | 4.1-rc3.x |
| dadabik / dadabik | 4.2 | 4.2.x |
| dadabik / dadabik | 4.2-beta | 4.2-beta.x |
| dadabik / dadabik | 4.3-alpha | 4.3-alpha.x |
| dadabik / dadabik | 4.3-beta | 4.3-beta.x |
| dadabik / dadabik | 4.3-beta2 | 4.3-beta2.x |