Moderate

CVE-2004-0254 - Unspecified vulnerability in Crosscom Olicom Discuz

Publication: 2004-11-23
Summary

Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.

Risk level (CVSS 6.8)

Moderate

6.8

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Crosscom Olicom Discuz 2.0
  • Crosscom Olicom Discuz 3.0