XML Injection Vulnerability in Web Reference Database (aka refbase)
CVE-2015-6011 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allows remote attackers to conduct XML injection attacks via (1) the id parameter to unapi.php or (2) the stylesheet parameter to sru.php.
Learn more about our Api Penetration Testing.