Multiple cross-site scripting (XSS) vulnerabilities in templates/link_temp.php in PHPNews 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) id, (3) subject, (4) username, or (5) time parameter.
References
Configurations
History
No history.
Information
Published : 2006-12-07 01:28
Updated : 2024-02-04 17:13
NVD link : CVE-2006-6356
Mitre link : CVE-2006-6356
CVE.ORG link : CVE-2006-6356
JSON object : View
Products Affected
phpnews
- phpnews
CWE