CVE-2016-1222

Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

Date published : 2016-06-04

http://www.kobe-beauty.co.jp/php-contact-form/

https://github.com/kobebeauty/php-contact-form/commit/e7d094ca8ab15215c32d6fa04d17e8519c8d21cf