PT-2004-2736 · Unknown · Mod Survey

Niklas Deutschmann

Published

2004-12-31

Updated

2017-07-11

CVE-2004-1837

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Mod survey versions 3.0.x through 3.0.15 and versions 3.2.x through 3.1.x

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via certain survey fields or error messages for malformed query strings.

Recommendations For Mod survey versions 3.0.x through 3.0.15, update to version 3.0.16-pre2 or later. For Mod survey versions 3.2.x through 3.1.x, update to version 3.2.0-pre4 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1837

Affected Products

Mod Survey

PT-2004-2736 · Unknown · Mod Survey

CVE-2004-1837

Related Identifiers

Affected Products

References · 5