PT-2007-5113 · Unknown · Husrevforum
Published
2007-07-18
·
Updated
2017-07-29
·
CVE-2007-3885
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
husrevforum version 1.0.1
Description:
A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the
searchterms parameter in the philboard search.asp file.Recommendations:
For version 1.0.1, avoid using the
searchterms parameter in the philboard search.asp file until the issue is resolved. As a temporary workaround, consider restricting access to the philboard search.asp file to minimize the risk of exploitation.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Husrevforum