CVE-2005-3837

Properties

Published:
25.11.2005
Updated:
28.11.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
    Product:
    sCssBoard: sCssBoard
    sCssBoard: sCssBoard

    Vulnerability description

    Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.

    References:

    http://pridels.blogspot.com/2005/11/scssboard-xss-vuln-in-search-param.html: http://pridels.blogspot.com/2005/11/scssboard-xss-vuln-in-search-param.html
    FRSIRT: http://www.frsirt.com/english/advisories/2005/2568
    SECUNIA: http://secunia.com/advisories/17716
    BID: http://www.securityfocus.com/bid/15558
    OSVDB: http://www.osvdb.org/21089