CVE-2004-1716

Опубликовано: 16 авг. 2004

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.

Ссылки

http://marc.info/?l=bugtraq&m=109267937212298&w=2
http://secunia.com/advisories/12317/
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/674542
Exploit
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/8985
Vendor Advisory
http://www.pscript.de/news/index.php
http://www.securityfocus.com/bid/10954
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17003
http://marc.info/?l=bugtraq&m=109267937212298&w=2
http://secunia.com/advisories/12317/
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/674542
Exploit
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/8985
Vendor Advisory
http://www.pscript.de/news/index.php
http://www.securityfocus.com/bid/10954
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17003

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:powie:pforum:1.24:*:*:*:*:*:*:*

cpe:2.3:a:powie:pforum:1.25:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07281

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3gx5-q8r9-268f

github

почти 4 года назад