Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previous versions modules for XOOPS 2.0.x, XOOPS Cube 2.1, and ImpressCMS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoops cube 2.1 |
||
bluemoon popnupblog |
||
bluemoon newbb fileup |
||
bluemoon backpack |
||
bluemoon news fileup |
||
xoops xoops 2.0 |
||
bluemoon bmsurvey |