Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote malicious users to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoops pool module |