Описание
Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php.
Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-4649
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56278
- http://groups.csail.mit.edu/pag/ardilla
- http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt
- http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt
- http://www.securityfocus.com/bid/35449
Связанные уязвимости
nvd
почти 16 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php.