Lams
Monthly
There is unauthenticated reflected cross-site scripting (XSS) in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is unauthenticated reflected cross-site scripting (XSS) in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.