First published: Fri Jul 01 2005(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xoops Xoops | =2.0.5.1 | |
Xoops Xoops | =2.0.2 | |
Xoops Xoops | =2.0.5.2 | |
Xoops Xoops | =2.0.9.2 | |
Xoops Xoops | =2.0.7 | |
Xoops Xoops | =2.0.3 | |
Xoops Xoops | =2.0.9 | |
Xoops Xoops | =2.0.4 | |
Xoops Xoops | =2.0.1 | |
Xoops Xoops | =2.0.10 | |
Xoops Xoops | =2.0.11 | |
Xoops Xoops | =2.0 | |
Xoops Xoops | =2.0.5 | |
Xoops Xoops | =2.0.9.3 | |
Xoops Xoops | =2.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.