Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.
https://codevigilant.com/disclosure/wp-plugin-infusionsoft-a3-cross-site-scripting-xss/
Publikované: 04.25 2014
Upravené: 12.28 2019
CVE: CVE-2014-4536
Websafe s.r.o,
Pribinova 41
942 01 Šurany
IČO: 46 841 407