Zeroboard XSS Network Vulnerability

Summary

The remote web server contains several PHP scripts that are prone to cross-site scripting attacks. Description : The remote host runs Zeroboard, a web BBS application popular in Korea. The remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code in a user's browser within the context of the affected web site.

Solution

Upgrade to Zeroboard 4.1pl6 or later.

References

http://www.securityfocus.com/archive/1/390933

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-0495
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

123 Flash Chat Multiple Security Vulnerabilities
Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
AbanteCart Multiple Cross-Site Scripting Vulnerabilities
Apache Tomcat Login Constraints Security Bypass Vulnerability
Apache Archiva Multiple Vulnerabilities

Take action and discover your vulnerabilities