VYPR
Unrated severityNVD Advisory· Published Sep 27, 2011· Updated Jun 16, 2026

CVE-2011-3686

CVE-2011-3686

Description

Multiple cross-site scripting (XSS) vulnerabilities in myAddressBook.asp in Sonexis ConferenceManager 9.2.11.0 and 9.3.14.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fname, (2) lname, (3) email_edit, (4) email, (5) email2, (6) email3, (7) sms, (8) sms_id, or (9) work parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:sonexis:conferencemanager:9.2.11.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:sonexis:conferencemanager:9.2.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonexis:conferencemanager:9.3.14.0:*:*:*:*:*:*:*
    • (no CPE)range: = 9.2.11.0 || = 9.3.14.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.