5.7 Medium
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.6%
Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.
lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.html
secunia.com/advisories/16078
securitytracker.com/id?1014485
securitytracker.com/id?1014486
www.osvdb.org/17920
www.securityfocus.com/bid/14261