oss-sec mailing list archives

Re: CVE request: XSS in Phorum < 5.2.10


From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 9 Feb 2009 14:45:49 -0500 (EST)


======================================================
Name: CVE-2009-0488
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0488
Reference: CONFIRM:http://www.phorum.org/phorum5/read.php?64,136129

Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10
allows remote attackers to inject arbitrary web script or HTML via
unspecified vectors.



Current thread: