Unsanitized User Input Allows Cross-Site Scripting (XSS) Attacks in synetics i-doit Open and Pro Versions

Unsanitized User Input Allows Cross-Site Scripting (XSS) Attacks in synetics i-doit Open and Pro Versions

CVE-2013-1413 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Learn more about our Web App Pen Testing.