Cross site scripting

2013-05-2315:55:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.9%

JSON

Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title.

CPENameOperatorVersion
latestcommenteq1.1

CPE	Name	Operator	Version
	latestcomment	eq	1.1

References

secunia.com/advisories/49249

www.henryhoggard.co.uk/security/191/

www.securityfocus.com/bid/53633

www.exploit-db.com/exploits/18908