CVE-2018-15585

Cross-Site Scripting XSS vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter...

Cross site scripting

Cross-Site Scripting XSS vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter...

CVE-2018-15585

GNUBOARD5 before 5.3.1.6 is affected by an XSS in newwinform.php via the popup title parameter. The issue enables remote attackers to inject arbitrary script/HTML in web pages. Affected product: GNUBOARD5; vulnerable component: newwinform.php (popup title). Root cause is unvalidated input in the ...

PT-2019-9131 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 versions prior to 5.3.1.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the popup title parameter in the newwinform.php file. This enables attackers to perform Cross-Site Scripting XSS...