Vulnerabilities > CVE-2003-1278 - HTML Injection vulnerability in Infopop Opentopic 2.3.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | OpenTopic 2.3.1 Private Message HTML Injection Vulnerability. CVE-2003-1278. Webapps exploit for php platform |
| id | EDB-ID:22125 |
| last seen | 2016-02-02 |
| modified | 2003-01-06 |
| published | 2003-01-06 |
| reporter | frog |
| source | https://www.exploit-db.com/download/22125/ |
| title | OpenTopic 2.3.1 - Private Message HTML Injection Vulnerability |