Input passed to the "dom" parameter in left.cgi and via the URL to virtual-server/link.cgi is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
CVE Link
Exploit Type - Old
Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
Exploit Type
Product Name