5.7 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.0%
Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable.
secunia.com/advisories/23484
www.ovbb.org/forums/thread.php?threadid=185
www.vupen.com/english/advisories/2007/0039