N/A

Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a file disclosure vulnerability, but this is likely inaccurate.

N/A

N/A

CF Image Hosting Script 跨站脚本漏洞

CF Image Hosting Script 1.3.82版本，1.4.1版本，以及可能还包括1.4.2之前的其他版本的inc/tesmodrewite.php中存在跨站脚本漏洞。远程攻击者可借助q参数注入任意web脚本或者HTML。

N/A

N/A