Vulnerabilities > CVE-2003-0283 - Unspecified vulnerability in Phorum
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phorum
exploit available
Summary
Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
Vulnerable Configurations
Exploit-Db
| description | Phorum 3.4.x Message Form Field HTML Injection Variant Vulnerability. CVE-2003-0283 . Webapps exploit for php platform |
| id | EDB-ID:22579 |
| last seen | 2016-02-02 |
| modified | 2003-05-09 |
| published | 2003-05-09 |
| reporter | WiciU |
| source | https://www.exploit-db.com/download/22579/ |
| title | Phorum 3.4.x Message Form Field HTML Injection Variant Vulnerability |
References
- http://marc.info/?l=bugtraq&m=105251043821533&w=2
- http://marc.info/?l=bugtraq&m=105251043821533&w=2
- http://marc.info/?l=bugtraq&m=105251421925394&w=2
- http://marc.info/?l=bugtraq&m=105251421925394&w=2
- http://www.securityfocus.com/bid/7545
- http://www.securityfocus.com/bid/7545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11974
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11974