3 matches found
CVE-2002-0217
Cross-site scripting CSS vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via 1 the Title field or a Private Message Box or 2 the image field parameter in pmlite.php...
CVE-2002-0217
Cross-site scripting CSS vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via 1 the Title field or a Private Message Box or 2 the image field parameter in pmlite.php...
CVE-2002-0217
CVE-2002-0217 affects XOOPS 1.0 RC1 — the Private Message System is vulnerable to cross-site scripting via the PM title/field or the image parameter in pmlite.php. The root cause is insufficient input filtering, allowing remote attackers to run Javascript in other users’ browsers. Documented impa...