Arbitrary Script Execution via XSS in BadBlue Personal Edition 1.7.3
CVE-2002-1683 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
Learn more about our User Device Pen Test.