Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
Max CVSS
4.3
EPSS Score
0.69%
Published
2007-06-19
Updated
2017-07-29
1 vulnerabilities found