Description

Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters.

Remediation

References

CVE-2004-2756

Related Vulnerabilities

Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124)

PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)

WordPress Plugin Folders-Organize Pages, Posts and Media Library Folders with Drag and Drop Cross-Site Scripting (2.0.5)

WordPress Plugin Visualizer:Tables and Charts Manager for WordPress PHAR Deserialization (3.7.9)

Oracle Database Server CVE-2012-0510 Vulnerability (CVE-2012-0510)

Severity

Medium

Classification

CVE-2004-2756 CWE-707

Tags

Missing Update Known Vulnerabilities