CVE-2011-5269

Projectforge < 3.5.2 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a validation message.

References (2)

[Vendor Advisory] http://www.projectforge.org/pf-en/News

[Various Sources] https://www.projectforge.org/jira/browse/PF-185

Scores

EPSS 0.0019

EPSS Percentile 40.0%

Details

CWE

CWE-79

Status published

Products (8)

projectforge/projectforge < 3.5.2

projectforge/projectforge

n/a/n/a

Published Jan 02, 2014

Tracked Since Feb 18, 2026