CVE-2014-1237

Name of the Vulnerable Software and Affected Versions synetics i-doit pro versions prior to 1.2.4

Description The issue allows remote attackers to inject arbitrary web script or HTML via the call parameter, potentially leading to cross-site scripting (XSS) attacks.

Recommendations For versions prior to 1.2.4, update to version 1.2.4 or later to resolve the issue.