CVE-2002-1459

2003-06-09T04:00:00
ID CVE-2002-1459
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:30:00

Description

Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.