CVE-2015-9549

A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.

Score

4.3

Source

http://nvd.nist.gov

Access-complexity

MEDIUM

Access-vector

NETWORK