CVE-2013-5309

2013-08-16T13:55:09
ID CVE-2013-5309
Type cve
Reporter NVD
Modified 2017-08-28T21:33:43

Description

Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information.