Cross site scripting

2007-04-2520:19:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php.

CPENameOperatorVersion
ya_bookeq0.98.0-alpha

CPE	Name	Operator	Version
	ya_book	eq	0.98.0-alpha

References

osvdb.org/35519

securityreason.com/securityalert/2629

www.securityfocus.com/archive/1/466743/100/0/threaded

www.securityfocus.com/bid/23626

exchange.xforce.ibmcloud.com/vulnerabilities/33894