2 matches found
CVE-2004-2514
Cross-site scripting XSS vulnerability in modules/privatemessages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the 1 SUBJECT or 2 MESSAGE field...
CVE-2004-2514
PowerPortal 1.x is affected by an XSS vulnerability in the private_messages/index.php module. The flaw allows an attacker to inject arbitrary HTML/script via the SUBJECT or MESSAGE fields, enabling remote exploitation. The issue is documented across multiple sources (CVE-2004-2514) with standard ...