First published: Fri Dec 31 2004(Updated: )
Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Phorum Phorum | =5.0.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.