Vulnerabilities > CVE-2005-3688 - Unspecified vulnerability in XMB Forum XMB
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |
Statements
contributor | |
lastmodified | 2008-12-11 |
organization | XMB |
statement | This CVE is considered invalid because it duplicates CVE-2005-0885. |
References
- http://irannetjob.com/content/view/163/28/
- http://www.securityfocus.com/bid/15489
- http://secunia.com/advisories/17642
- http://securitytracker.com/id?1015237
- http://www.vupen.com/english/advisories/2005/2488
- http://www.securityfocus.com/archive/1/417078/30/0/threaded
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History