CVE-2010-3931

Name of the Vulnerable Software and Affected Versions Rocomotion P board versions 1.18 and earlier Rocomotion P forum versions 1.30 and earlier Rocomotion P up board versions 1.38 and earlier Rocomotion P diary R versions 1.13 and earlier Rocomotion P link versions 1.11 and earlier Rocomotion P link compact versions 1.04 and earlier Rocomotion pplog versions 3.31 and earlier Rocomotion pplog2 versions 3.37 and earlier Rocomotion PM bbs versions 1.07 and earlier Rocomotion PM up bbs versions 1.08 and earlier Rocomotion PM forum versions 1.18 and earlier

Description A cross-site scripting (XSS) issue affects multiple Rocomotion products, allowing remote attackers to inject arbitrary web script or HTML. The exact vectors used for the attack are not specified.

Recommendations For Rocomotion P board versions 1.18 and earlier, update to a version that includes a fix for this issue. For Rocomotion P forum versions 1.30 and earlier, update to a version that includes a fix for this issue. For Rocomotion P up board versions 1.38 and earlier, update to a version that includes a fix for this issue. For Rocomotion P diary R versions 1.13 and earlier, update to a version that includes a fix for this issue. For Rocomotion P link versions 1.11 and earlier, update to a version that includes a fix for this issue. For Rocomotion P link compact versions 1.04 and earlier, update to a version that includes a fix for this issue. For Rocomotion pplog versions 3.31 and earlier, update to a version that includes a fix for this issue. For Rocomotion pplog2 versions 3.37 and earlier, update to a version that includes a fix for this issue. For Rocomotion PM bbs versions 1.07 and earlier, update to a version that includes a fix for this issue. For Rocomotion PM up bbs versions 1.08 and earlier, update to a version that includes a fix for this issue. For Rocomotion PM forum versions 1.18 and earlier, update to a version that includes a fix for this issue.