Vulnerabilities (CVE)

Filtered by vendor Cloud4wi Subscribe
Filtered by product Splash Portal
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4699 1 Cloud4wi 1 Splash Portal 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI.