Description

Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters.

Remediation

References

CVE-2004-2756

Related Vulnerabilities

WordPress Improper Input Validation Vulnerability (CVE-2008-2392)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430)

WordPress Plugin Inline Related Posts Multiple Cross-Site Scripting Vulnerabilities (3.0.4)

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681)

WordPress Plugin fGallery SQL Injection (2.4.1)

Severity

Medium

Classification

CVE-2004-2756 CWE-707

Tags

Missing Update Known Vulnerabilities