ntu.edu.sg Cross Site Scripting vulnerability OBB-1393062

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Phorum 'real_name' Parameter Cross-Site Scripting Vulnerability

This host is running Phorum and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbphorumxssvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ Phorum 'realname' Parameter Cross-Site Scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks...

CVE-2011-3392

Cross-site scripting XSS vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers to inject arbitrary web script or HTML via the realname parameter...

CVE-2011-3392

Summary: CVE-2011-3392 is a cross-site scripting (XSS) vulnerability in Phorum 5.2.x prior to 5.2.17. The flaw resides in the control.php script within the controlcenter, where the real_name parameter is not properly sanitized, allowing an attacker to inject arbitrary HTML/JavaScript into a user’...