Multiple Cross-Site Scripting Vulnerabilities in ProjeQtOr by Gaspard Potier
CVE-2013-6163
Currently unrated
What is CVE-2013-6163?
ProjeQtOr, formerly known as Project'Or RIA, is susceptible to multiple cross-site scripting vulnerabilities that can be exploited by remote attackers. By manipulating parameters such as 'type' in view/parameter.php, 'p1value' in view/main.php, and 'objectClass' in view/objectDetail.php, attackers can inject arbitrary web scripts or HTML content. This security weakness can lead to unauthorized actions being executed in the context of current users, thereby compromising data integrity and confidentiality.