Vulnerabilities > Open Source Development Network > Slashcode > 2.2.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2656 | Security vulnerability in Open Source Development Network Slashcode 2.2.5 Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and (2) the filter parameter in submit.pl. network open-source-development-network | 4.3 |
2002-12-31 | CVE-2002-1681 | Unspecified vulnerability in Open Source Development Network Slashcode Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag. network open-source-development-network | 6.8 |