Описание
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for "<" and ">" characters.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | released | 2.0.21-3 |
| feisty | released | 2.0.21-3 |
| gutsy | released | 2.0.21-3 |
| hardy | released | 2.0.21-3 |
| intrepid | released | 2.0.21-3 |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for "<" and ">" characters.
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB ...
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for "<" and ">" characters.
4.3 Medium
CVSS2