RSS   Vulnerabilities for 'Scarecrow'   RSS

2005-12-16
 
CVE-2005-4307

 

 
Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi.

 


Copyright 2024, cxsecurity.com

 

Back to Top