2 matches found
CVE-2007-3339
Multiple cross-site scripting XSS vulnerabilities in forum/include/error/autherror.cfm in FuseTalk Basic, Standard, Enterprise, and ColdFusion allow remote attackers to inject arbitrary web script or HTML via the 1 FTVARLINKP and 2 FTVARURLP parameters to a forum/include/error/autherror.cfm, and...
CVE-2007-3339
CVE-2007-3339 affects FuseTalk (Basic/Standard/Enterprise/ColdFusion). The issue resides in forum/include/error/autherror.cfm (and related comfinish.cfm) where input parameters FTVAR_LINKP, FTVAR_URLP, and FTVAR_SCRIPTRUN can be injected to produce cross-site scripting. Documents corroborate the ...