CVE-2013-6808 Information

Description

Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php.

Reference

http://www.zend.to/changelog.php https://www.packetlabs.net/cve-2013-6808/