Vulnerabilities > CVE-2005-0216 - Cross-Site Scripting vulnerability in WoltLab Burning Board Lite Form Mail Script

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

woltlab

NVD

Published: 2005-05-02

Updated: 2017-07-12

Summary

Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Woltlab Woltlab Burning Board Lite 1.0.0 Woltlab Burning Board Lite 1.0.1E	2

References

http://marc.info/?l=bugtraq&m=110537385427004&w=2
http://secunia.com/advisories/13782
http://www.securityfocus.com/bid/12199
https://exchange.xforce.ibmcloud.com/vulnerabilities/18814