CVE-2008-3391

2008-07-3116:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp.

References

depo2.nm.ru/WebWiz_Forum_v9.5_XSS.txt

depo2.nm.ru/WebWiz_Forum_v9.5_XSS2.txt

secunia.com/advisories/31281

www.securityfocus.com/bid/30398

exchange.xforce.ibmcloud.com/vulnerabilities/44012