CVE Vulnerabilities

CVE-2002-1459

Published: Jun 09, 2003 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the Enable HTML in messages option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.

Affected Software

Name Vendor Start Version End Version
L-forum Leszek_krupinski 2.4.0 2.4.0

References