Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote malicious users to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmb software xmb forum 1.9.5 |