Описание
Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.
Ссылки
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:postboard:postboard:2.0:*:*:*:*:*:*:*
cpe:2.3:a:postboard:postboard:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.64:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.70:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.71:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.703:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0792
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.
EPSS
Процентиль: 92%
0.0792
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other