CVE-2004-2438 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-2438

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field.

Affected Software

Name	Vendor	Start Version	End Version
Php_fusion	Php_fusion	4.01 (including)	4.01 (including)

References

http://secunia.com/advisories/12686/
http://www.osvdb.org/10439
http://www.securityfocus.com/bid/11296
https://exchange.xforce.ibmcloud.com/vulnerabilities/17548
http://secunia.com/advisories/12686/
http://www.osvdb.org/10439
http://www.securityfocus.com/bid/11296
https://exchange.xforce.ibmcloud.com/vulnerabilities/17548