vendor:
XAMPP
by:
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: XAMPP
Affected Version From: 1.7.2007
Affected Version To: 1.7.2007
Patch Exists: NO
Related CWE:
CPE: a:apache:xampp:1.7.7
Platforms Tested: Windows
XAMPP Cross-Site Scripting Vulnerabilities
Multiple cross-site scripting vulnerabilities in XAMPP allow remote attackers to inject arbitrary web script or HTML via the (1) /security/xamppsecurity.php, (2) /xampp/perlinfo.pl, or (3) /xampp/cds.php URI.
Mitigation:
To mitigate these vulnerabilities, it is recommended to sanitize user-supplied data before using it in web applications.