Cross site scripting

2008-05-2213:09:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.6%

JSON

Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.

CPENameOperatorVersion
an_guestbookeq0.4

CPE	Name	Operator	Version
	an_guestbook	eq	0.4

References

www.securityfocus.com/bid/29254

www.z0rlu.ownspace.org/index.php?/archives/86-ANG-AN-Guestbook-version-0.4-xss.html

exchange.xforce.ibmcloud.com/vulnerabilities/42489