Vulnerabilities > CVE-2005-1584 - HTML Injection vulnerability in Open Solution Quick.Forum 2.1.6

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

open-solution

NVD

Published: 2005-05-14

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action.

Vulnerable Configurations

Part	Description	Count
Application	Open_Solution Open Solution Quick.Forum 2.1.6	1

References

http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html
http://secunia.com/advisories/15200
http://www.osvdb.org/16327
http://www.securityfocus.com/bid/13602