5 matches found
CVE-2007-3339
Multiple cross-site scripting XSS vulnerabilities in forum/include/error/autherror.cfm in FuseTalk Basic, Standard, Enterprise, and ColdFusion allow remote attackers to inject arbitrary web script or HTML via the 1 FTVARLINKP and 2 FTVARURLP parameters to a forum/include/error/autherror.cfm, and...
FuseTalk Forum img src Tag XSS
The remote host is using FuseTalk, a web-based discussion forum. A vulnerability exists in the script 'tombstone.cfm' that could allow an attacker to execute arbitrary HTML and script code in the context of the user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
XXS in fusetalk forum
Vendor : fusetalk URL : http://www.fusetalk.com/ Version: 4.0 Risk : Cross site scripting Description: Fusetalk is a discussion forum solution that provides a powerful and simple method of web-based collaboration. Cross site scripting: The filtering script for the img src= doesnt filter " if...
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/11407/info FuseTalk Forum is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks. The cause of...
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/11407/info FuseTalk Forum is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks. The cause of these issues is insufficient sanitization of user-supplied data. The...