Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2003-12-30 21:00
Updated : 2017-07-28 18:29
NVD link : CVE-2003-1453
Mitre link : CVE-2003-1453
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
xoops
- xoops