3 matches found
TDForum does not adequately validate user input thereby allowing users to embed malicious script code in messages
Overview TDForum does not properly filter HTML scripting tags from user input, allowing users to post malicious scripts that may be executed unwittingly by other users. Description TDForum is a commercial software package providing dynamic web forum capabilities. Versions 1.2 and earlier of TDFor...
CVE-2001-0970
Cross-site scripting vulnerability in TDForum 1.2 CGI script tdforum12.cgi allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script...
CVE-2001-0970
Cross-site scripting vulnerability in TDForum 1.2 CGI script tdforum12.cgi allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script...