Summary
This host is running Phorum and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary code in the context of an application.
Impact Level: Application
Solution
Upgrade Phorum to 5.2.15 or later,
For updates refer to http://www.phorum.org/downloads.php
Insight
The flaw is due to error in handling email address.
NOTE: Further information is not available.
Affected
Phorum version prior to 5.2.15
References
Severity
Classification
-
CVE CVE-2010-1629 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Tomcat source.jsp malformed request information disclosure
- Apache ActiveMQ Source Code Information Disclosure Vulnerability
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- Apache Struts2 showcase namespace XSS Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities