Published: 14/09/2007 Updated: 15/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or the search_string parameter to forum_text_search_action.php in a (2) titles or (3) bodies search.

Vulnerable Product	Search on Vulmon	Subscribe to Product
berkeley boinc forum

source: wwwsecurityfocuscom/bid/25644/info BOINC (Berkeley Open Infrastructure for Network Computing) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i ...

source: wwwsecurityfocuscom/bid/25644/info BOINC (Berkeley Open Infrastructure for Network Computing) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

CWE-79 http://www.securityfocus.com/bid/25644 http://securityreason.com/securityalert/3139 https://exchange.xforce.ibmcloud.com/vulnerabilities/36577 http://www.securityfocus.com/archive/1/479182/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30575/

CVE-2007-4899

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect