Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=109267937212298&w=2 | |
http://secunia.com/advisories/12317/ | Exploit Patch Vendor Advisory |
http://www.kb.cert.org/vuls/id/674542 | Exploit Patch Third Party Advisory US Government Resource |
http://www.osvdb.org/8985 | Vendor Advisory |
http://www.pscript.de/news/index.php | |
http://www.securityfocus.com/bid/10954 | Exploit Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17003 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2004-08-16 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-1716
Mitre link : CVE-2004-1716
CVE.ORG link : CVE-2004-1716
JSON object : View
Products Affected
powie
- pforum
CWE