Unsanitized User Input Allows Cross-Site Scripting (XSS) Attacks in synetics i-doit Open and Pro Versions
CVE-2013-1413 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Learn more about our Web App Pen Testing.