CVE-2014-100006 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in modules_v3/googlemap/wt_v3_street_view.php in webtrees before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) map (2) streetview or (3) reset parameter.

Reference

http://secunia.com/advisories/56870 http://www.rusty-ice.de/advisory/advisory_2014001.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/91133