JVN#77105349 XOOPS cross-site scripting vulnerability

2005-10-24T00:00:00
ID JVN:77105349
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-05-21T00:00:00

Description

## Description

## Impact

A remote attacker may upload a script to be executed by a user reading a private message or a forum article.
This may allow a remote attacker to perform a session-hijacking and manipulate the screens after the user logs in.

## Solution

## Products Affected

  • XOOPS 2.0.12 JP and earlier
  • XOOPS 2.0.13.1 and earlier
  • XOOPS 2.2.3 RC1 and earlier