The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2008-0016 Related Report None Severity HIGH Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description HTML/Javascript injection. The H BB-Code uses the user-supplied tag option without properly cleaning it, allowing for arbitrary HTML attributes or other content to be inserted within the heading HTML tag.
Discovered August 2008 Resolved August 7, 2008 Patches Available 2.0.0
This page has been seen 3,571 times.
-
-
Created by on
-