Cross site scripting

2006-01-0911:03:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.035 Low

EPSS

Percentile

91.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) comment_poster, (2) comment_poster_email, (3) comment_poster_homepage, and (4) comment_text parameters.

CPENameOperatorVersion
chimera_web_portaleq0.2

CPE	Name	Operator	Version
	chimera_web_portal	eq	0.2

References

evuln.com/vulns/7/exploit.html

evuln.com/vulns/7/summary.html

www.securityfocus.com/archive/1/420669/100/0/threaded

www.securityfocus.com/bid/16113

www.vupen.com/english/advisories/2006/0025