Описание
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter.
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2509
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18432
- http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0239.html
- http://secunia.com/advisories/13452
- http://securitytracker.com/id?1012503
- http://www.osvdb.org/12365
- http://www.osvdb.org/12366
- http://www.osvdb.org/12367
- http://www.securityfocus.com/bid/11900
EPSS
Процентиль: 80%
0.0138
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter.
EPSS
Процентиль: 80%
0.0138
Низкий