PT-2019-7016 · Simple Machines · Simple Machines Forum
Haunt It
·
Publicado
2019-03-07
·
Atualizado
2019-03-08
·
CVE-2013-7467
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Simple Machines Forum (SMF) version 2.0.4
Description
The issue allows for XSS via the
index.php?action=pm;sa=settings;save sa parameter. This means an attacker could potentially inject malicious scripts into the website, affecting user sessions.Recommendations
For Simple Machines Forum (SMF) version 2.0.4, update to a newer version that contains a fix for this issue.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simple Machines Forum