Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xmb | Xmb_forum | 1.8 (including) | 1.8 (including) |