Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote malicious users to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (2) jokeid parameter in a JokeView function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adam webb nukejokes 1.7 |
||
adam webb nukejokes 2.0_beta |