CVE-2011-5138

2012-08-3121:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action.

References

packetstormsecurity.org/files/view/108184/tforum-sqlxss.txt

exchange.xforce.ibmcloud.com/vulnerabilities/71973