Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) areaID parameter in area.View.action, (2) time parameter in planning.View.action, and (3) userID parameter in user.View.action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sk soft skforum |