2 matches found
CVE-2005-4256
CVE-2005-4256 describes a cross-site scripting (XSS) vulnerability in ASP-DEV XM Forum RC3, specifically in forum.asp where the forum_title parameter can inject arbitrary script/HTML. Affected item is XM Forum RC3 (forum.asp handling). The core issue is an XSS in the forum_title parameter, enabli...
CVE-2005-1008
CVE-2005-1008 is an XSS vulnerability in ASP-DEv XM Forum RC3, affecting posts.asp where a javascript: URL in an IMG tag can inject arbitrary script/HTML. The OpenVAS/Nessus entries corroborate a cross-site scripting issue in this XM Forum component. The connected documents do not provide specifi...