https://www.securityfocus.com/bid/89184
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200506-071

Sawmill7.1.6之前版本中存在多个跨站脚本攻击(XSS)漏洞，远程攻击者可借助：(1)增加用户窗口中的用户名，或(2)Licensing页面中的许可密钥来注入任意Web脚本或HTML。

Sawmill Sawmill 7.1.4

Sawmill Sawmill 7.1.5

Sawmill Sawmill 7.1.3

Sawmill Sawmill 7.1.2

Sawmill Sawmill 7.1.1B

Sawmill Sawmill 7.1.1

Sawmill Sawmill 7.1

来源:SECUNIA
名称:15499
链接:http://secunia.com/advisories/15499
来源:XF
名称:sawmill-add-user-xss(20881)
链接:http://xforce.iss.net/xforce/xfdb/20881
来源:www.sawmill.net
链接:http://www.sawmill.net/version_history7.html
来源:OSVDB
名称:17103
链接:http://www.osvdb.org/17103
来源:OSVDB
名称:17102
链接:http://www.osvdb.org/17102
来源:MISC
链接:http://www.networksecurity.fi/advisories/sawmill-admin.html
来源:SECTRACK
名称:1014106
链接:http://securitytracker.com/id?1014106