Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previous versions modules for XOOPS 2.0.x, XOOPS Cube 2.1, and ImpressCMS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoops cube 2.1 |
||
bluemoon backpack |
||
bluemoon news fileup |
||
bluemoon popnupblog |
||
bluemoon bmsurvey |
||
bluemoon newbb fileup |
||
xoops xoops 2.0 |