Cross site scripting

2008-07-3116:41:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp.

CPENameOperatorVersion
web_wiz_forumeq9.5

CPE	Name	Operator	Version
	web_wiz_forum	eq	9.5

References

depo2.nm.ru/WebWiz_Forum_v9.5_XSS.txt

depo2.nm.ru/WebWiz_Forum_v9.5_XSS2.txt

secunia.com/advisories/31281

www.securityfocus.com/bid/30398

exchange.xforce.ibmcloud.com/vulnerabilities/44012