← Back to CVE List
CVE-2015-4699
Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt