Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and previous versions for Woltlab Burning Board (wBB) 2.x allow remote malicious users to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slideshow.php and (b) jgs_galerie_scroll.php, and the (2) katid parameter in (c) jgs_galerie_slideshow.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
woltlab burning board 2.1.5 |
||
woltlab burning board 2.2.1 |
||
woltlab burning board 2.0 |
||
woltlab burning board 2.0.3 |
||
woltlab burning board 2.2.2 |
||
woltlab burning board 2.2.3 |
||
jgs-xa jgs-gallery addon 4.0 |
||
woltlab burning board 2.3.0 |
||
woltlab burning board 2.3.1 |