Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
References
Configurations
Configuration 1 (hide)
AND |
|
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/3288 - | |
References | () http://www.securityfocus.com/archive/1/321310 - | |
References | () http://www.securityfocus.com/bid/7572 - Patch | |
References | () http://www.securityfocus.com/bid/7573 - Patch | |
References | () http://www.securityfocus.com/bid/7576 - | |
References | () http://www.securityfocus.com/bid/7577 - | |
References | () http://www.securityfocus.com/bid/7584 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/12487 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/12502 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1467
Mitre link : CVE-2003-1467
CVE.ORG link : CVE-2003-1467
JSON object : View
Products Affected
unix
- unix
linux
- linux_kernel
phorum
- phorum
microsoft
- all_windows
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')