Summary
According to its version number, the remote version of Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.
Phorum 5.2.10 and 5.2-dev are vulnerable
other versions may also be
affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Struts Cross Site Scripting Vulnerability
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014