CVE-2003-1467

Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*
cpe:2.3:o:unix:unix:any_version:*:*:*:*:*:*:*
OR cpe:2.3:a:phorum:phorum:*:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:3.4:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:3.4.1:*:*:*:*:*:*:*

History

20 Nov 2024, 23:47

Type Values Removed Values Added
References () http://securityreason.com/securityalert/3288 - () http://securityreason.com/securityalert/3288 -
References () http://www.securityfocus.com/archive/1/321310 - () http://www.securityfocus.com/archive/1/321310 -
References () http://www.securityfocus.com/bid/7572 - Patch () http://www.securityfocus.com/bid/7572 - Patch
References () http://www.securityfocus.com/bid/7573 - Patch () http://www.securityfocus.com/bid/7573 - Patch
References () http://www.securityfocus.com/bid/7576 - () http://www.securityfocus.com/bid/7576 -
References () http://www.securityfocus.com/bid/7577 - () http://www.securityfocus.com/bid/7577 -
References () http://www.securityfocus.com/bid/7584 - Patch () http://www.securityfocus.com/bid/7584 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/12487 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/12487 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/12502 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/12502 -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:47


NVD link : CVE-2003-1467

Mitre link : CVE-2003-1467

CVE.ORG link : CVE-2003-1467


JSON object : View

Products Affected

microsoft

  • all_windows

phorum

  • phorum

unix

  • unix

linux

  • linux_kernel
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')