CVE-2005-2322 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2322

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.

Affected Software

Name	Vendor	Start Version	End Version
Class-1_forum	Class-1	0.23.2 (including)	0.23.2 (including)
Class-1_forum	Class-1	0.24.4 (including)	0.24.4 (including)
Clever_copy	Clever_copy	*	*

References

http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.html
http://secunia.com/advisories/16078
http://securitytracker.com/id?1014485
http://securitytracker.com/id?1014486
http://www.osvdb.org/17920
http://www.securityfocus.com/bid/14261