3 matches found
CVE-2018-18675
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/boardformupdate.php bomobilesubject parameter...
CVE-2018-18675
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/boardformupdate.php bomobilesubject parameter...
CVE-2018-18675
GNUBOARD5 5.3.1.9 contains a cross-site scripting (XSS) vulnerability in the adm/board_form_update.php endpoint via the bo_mobile_subject (mobile board title contents) parameter. The issue arises from insufficient input validation in the web application, allowing remote attackers to inject arbitr...