CVE-2013-1413 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7 i-doit pro 1.0 and earlier and i-doit pro 1.0.2 when the ‘sanitize user input’ flag is not enabled allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://seclists.org/fulldisclosure/2013/Mar/0 http://secunia.com/advisories/52415 http://secunia.com/advisories/56834 http://www.csnc.ch/en/modules/news/news_0076.html_533560828.html