Assist Project » Assist Plugin : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.17%
Published
2017-04-14
Updated
2017-04-21
1 vulnerabilities found