6.3 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.017 Low
EPSS
Percentile
87.6%
Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) search.php, (2) members.php, (3) stats.php, (4) viewforum.php, (5) register.php, (6) usercp.php, (7) groups.php, (8) pms.php, and (9) calendar.php.
CPE | Name | Operator | Version |
---|---|---|---|
hydrobb:hydrobb | hydrobb | eq | 1.0.0_beta_2 |
pridels0.blogspot.com/2005/11/xss-in-hydrobb.html
www.osvdb.org/21293
www.osvdb.org/21294
www.osvdb.org/21295
www.osvdb.org/21296
www.osvdb.org/21297
www.osvdb.org/21298
www.osvdb.org/21299
www.osvdb.org/21300
www.osvdb.org/21301
www.vupen.com/english/advisories/2005/2562
exchange.xforce.ibmcloud.com/vulnerabilities/23299