Vulnerabilities > Ztree Project > Ztree > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-07 | CVE-2015-7348 | Cross-site Scripting vulnerability in Ztree Project Ztree 3.5.19.1 Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to demo/en/asyncData/getNodesForBigData.php. | 4.3 |