Vulnerabilities > CVE-2004-0254 - Cross-Site Scripting vulnerability in Crosscom Olicom Discuz 2.0/3.0

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
crosscom-olicom
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.

Vulnerable Configurations

Part Description Count
Application
Crosscom_Olicom
2

Exploit-Db

descriptionCrossday Discuz! 2.0/3.0 Cross Site Scripting Vulnerability. CVE-2004-0254. Webapps exploit for php platform
idEDB-ID:23653
last seen2016-02-02
modified2004-02-05
published2004-02-05
reporterCheng Peng Su
sourcehttps://www.exploit-db.com/download/23653/
titleCrossday Discuz! 2.0/3.0 - Cross-Site Scripting Vulnerability