4 matches found
CVE-2011-3984
CVE-2011-3984 is an XSS vulnerability in KENT-WEB WEB FORUM (versions 5.1 and earlier) that can be triggered via web form entries to inject arbitrary script/HTML. Public details indicate remote injection possibilities, with related entries noting multiple XSS issues in the same product. Remediati...
CVE-2011-3383
CVE-2011-3383 concerns a cross-site scripting (XSS) vulnerability in the KENT-WEB WEB FORUM product up to version 5.1 and earlier. The issue, described as an XSS allowing remote attackers to inject arbitrary web script or HTML via vectors related to “the web page to be output,” affects the web fo...
CVE-2011-4172
KENT-WEB WEB FORUM (before 5.1) is affected by multiple XSS vulnerabilities that allow remote attackers to inject arbitrary scripts via the email address field or cookies. Root cause: improper sanitization/execution context in the vulnerable web output. Impact: potential credential theft, session...
CVE-2011-3983
The CVE-2011-3983 entry describes a cross-site scripting (XSS) flaw in KENT-WEB WEB FORUM (versions 5.1 and earlier) where an attacker can inject arbitrary script or HTML via cookies (also noted via an email field in related advisories). The connected sources corroborate that the vulnerability af...