CVE Vulnerabilities

CVE-2002-0217

Published: May 16, 2002 | Modified: Sep 11, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.

Affected Software

Name Vendor Start Version End Version
Xoops Xoops 1.0_rc1 (including) 1.0_rc1 (including)

References