2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328...
CVE-2007-3328
CVE-2007-3328 affects Interact 2.4 beta 1 and is described as multiple XSS vulnerabilities. The vulnerable components are in Interact modules: (1) module_key parameter used by kb/kb.php, quiz/runquiz.php, quiz/quiz.php, forum/forum.php, forum/byname.php, journal/journalview.php; (2) tag_key param...