CVE-2009-3963

XOOPS (before version 2.4.0 Final) is cited in connected sources as having a cross-site scripting vulnerability in misc.php: the script does not sanitize the requested URI before displaying it, enabling a remote attacker to craft a URL that executes script in victims’ browsers. CVE-2009-3963 is t...