Vulnerabilities > Xoops > Xoops Pool Module > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-01-13 | CVE-2006-0198 | HTML Injection vulnerability in Xoops Pool Module IMG Tag Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment. network xoops | 4.3 |