PT-2009-5597 · Php+2 · Php Rss Builder+5
Takayoshi Isayama
·
Published
2009-09-22
·
Updated
2009-09-22
·
CVE-2009-3283
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
phpspot PHP BBS versions prior to 20090914
PHP Image Capture BBS versions prior to 20090914
PHP & CSS BBS versions prior to 20090914
PHP BBS CE versions prior to 20090914
PHP RSS Builder versions prior to 20090914
webshot versions prior to 20090914
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies.
Recommendations
For phpspot PHP BBS versions prior to 20090914, update to a version released after 20090914.
For PHP Image Capture BBS versions prior to 20090914, update to a version released after 20090914.
For PHP & CSS BBS versions prior to 20090914, update to a version released after 20090914.
For PHP BBS CE versions prior to 20090914, update to a version released after 20090914.
For PHP RSS Builder versions prior to 20090914, update to a version released after 20090914.
For webshot versions prior to 20090914, update to a version released after 20090914.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php & Css Bbs
Php Bbs Ce
Php Image Capture Bbs
Php Rss Builder
Phpspot Php Bbs
Webshot