Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phorum | Phorum | 5.0.7_beta (including) | 5.0.7_beta (including) |
References
- http://phorum.org/cvs-changelog-5.txt
- http://securitytracker.com/id?1010787
- http://www.securityfocus.com/bid/10822
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16831
- http://phorum.org/cvs-changelog-5.txt
- http://securitytracker.com/id?1010787
- http://www.securityfocus.com/bid/10822
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16831