CVE-2015-2198
The CVE-2015-2198 entry concerns Beehive Forum 1.4.4, where multiple XSS vulnerabilities exist in edit_prefs.php. The flaw stems from how the parameters homepage_url, pic_url, and avatar_url are handled inside error messages, allowing remote attackers to inject arbitrary script/HTML. Red Hat and ...