CVE-2002-1802

Name of the Vulnerable Software and Affected Versions Xoops version 1.0 RC3

Description The issue allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news, which can lead to cross-site scripting (XSS).

Recommendations For Xoops version 1.0 RC3, consider disabling the submission of news that includes Javascript in IMG tags until a patch is available. Restrict access to news submission to minimize the risk of exploitation. Avoid using Javascript in IMG tags in the affected version to prevent potential XSS attacks.