XSS in Fengoffice Feng_office

CVE-2013-5744

Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.010 (57.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References