Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to inject arbitrary web script or HTML via the (1) nome (nickname), (2) messaggio (message), and (3) link (homepage) parameters.
Software | From | Fixed in |
---|---|---|
alberto_pittoni / alguest | 1.1-c-patched | 1.1-c-patched.x |