Bitrix » Bitrix Site Manager : Security Vulnerabilities, CVEs, Published In 2006 (XSS)
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified back_url during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term.
Max CVSS
5.0
EPSS Score
3.63%
Published
2006-05-19
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in the administrative interface Bitrix Site Manager 4.1.x allows remote attackers to inject arbitrary web script or HTML via unspecified inputs.
Max CVSS
4.9
EPSS Score
0.34%
Published
2006-05-19
Updated
2018-10-18
2 vulnerabilities found