CVE-2013-2289

Name of the Vulnerable Software and Affected Versions Batavi version 1.2.2

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the QUERY STRING to "admin/index.php". This could potentially lead to unauthorized actions on the affected system.

Recommendations For Batavi version 1.2.2, update to a version that fixes this issue, as using the QUERY STRING to "admin/index.php" can lead to exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.