Vulnerabilities > CVE-2005-4256 - Cross-Site Scripting vulnerability in Asp-Dev XM Forum RC3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forum_title parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition, its accuracy is in question because "forum_title" does not appear to be specified in the source code for XM Forum RC3. It is possible, but not certain, that this is CVE-2004-2211.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | ASP-DEV XM Forum Forum.ASP Cross-Site Scripting Vulnerability. CVE-2005-4256. Webapps exploit for asp platform |
id | EDB-ID:26820 |
last seen | 2016-02-03 |
modified | 2005-12-14 |
published | 2005-12-14 |
reporter | Dj_Eyes |
source | https://www.exploit-db.com/download/26820/ |
title | ASP-DEV XM Forum Forum.ASP Cross-Site Scripting Vulnerability |