Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP and previous versions, XOOPS 2.0.13.1 and previous versions, and 2.2.x up to 2.2.3 RC1 allow remote malicious users to inject arbitrary web script or HTML via (1) modules that use "XOOPS Code" and (2) newbb in the forum module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoops |