CVE-2003-0375 - Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows

CVE-2003-0375

Summary

Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.

References

Vulnerable Configurations

cpe:2.3:a:xmb_forum:xmb:1.6:*:*:*:*:*:*:*
cpe:2.3:a:xmb_forum:xmb:1.6:*:*:*:*:*:*:*
cpe:2.3:a:xmb_forum:xmb:1.8:*:*:*:*:*:*:*
cpe:2.3:a:xmb_forum:xmb:1.8:*:*:*:*:*:*:*
cpe:2.3:a:xmb_forum:xmb:1.11:*:*:*:*:*:*:*
cpe:2.3:a:xmb_forum:xmb:1.11:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 29-04-2021 - 15:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

bid	7662
bugtraq	20030522 XMB 1.8 Partagium cross site scripting vulnerability
misc	http://forums.xmbforum.com/viewthread.php?tid=773046

statements via4

contributor
lastmodified	2008-12-11
organization	XMB
statement	XMB versions 1.9.8 and later were checked and are not vulnerable.

Last major update

29-04-2021 - 15:15

Published

16-06-2003 - 04:00

Last modified

29-04-2021 - 15:15