Description

Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters.

Remediation

References

CVE-2004-2756

Related Vulnerabilities

Oracle Database Server CVE-2019-2569 Vulnerability (CVE-2019-2569)

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Cross-Site Scripting (1.11.2)

WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.9.8)

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0124)

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083)

Severity

Medium

Classification

CVE-2004-2756 CWE-707

Tags

Missing Update Known Vulnerabilities