Cross site scripting

2013-08-2014:55:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter.

CPENameOperatorVersion
mojoportaleq2.3.0.4
mojoportaleq2.3.0.1
mojoportaleq2.3.8.5
mojoportaleq2.3.9.6
mojoportaleq2.3.5.2
mojoportaleq2.3.6.5
mojoportaleq2.3.9.0
mojoportaleq2.3.2.9
mojoportaleq2.3.3.9
mojoportaleq2.3.7.5

Name	Operator	Version
mojoportal	eq	2.3.0.4
mojoportal	eq	2.3.0.1
mojoportal	eq	2.3.8.5
mojoportal	eq	2.3.9.6
mojoportal	eq	2.3.5.2
mojoportal	eq	2.3.6.5
mojoportal	eq	2.3.9.0
mojoportal	eq	2.3.2.9
mojoportal	eq	2.3.3.9
mojoportal	eq	2.3.7.5

Rows per page:

1-10 of 401

References

archives.neohapsis.com/archives/bugtraq/2013-07/0200.html

osvdb.org/95847

packetstormsecurity.com/files/122608/MojoPortal-2.3.9.7-Cross-Site-Scripting.html

secunia.com/advisories/54297

www.securityfocus.com/bid/61520

exchange.xforce.ibmcloud.com/vulnerabilities/86058

www.mojoportal.com/mojoportal-2398-released