Vulnerabilities > Ilia Alshanetsky > Fudforum > 2.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-08-16 | CVE-2013-5309 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. | 2.6 |