Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM (private message).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mercuryboard_message_board | Mercuryboard | 1.1.1 | 1.1.1 |
Mercuryboard_message_board | Mercuryboard | 1.0 | 1.0 |
Mercuryboard_message_board | Mercuryboard | 1.1 | 1.1 |
Mercuryboard_message_board | Mercuryboard | 1.0.2 | 1.0.2 |
Mercuryboard_message_board | Mercuryboard | 1.0.1 | 1.0.1 |
Mercuryboard_message_board | Mercuryboard | 1.1.2 | 1.1.2 |