Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and previous versions, P up board 1.38 and other versions, P diary R 1.13 and previous versions, P link 1.11 and previous versions, P link compact 1.04 and previous versions, pplog 3.31 and previous versions, pplog2 3.37 and previous versions, PM bbs 1.07 and previous versions, PM up bbs 1.08 and previous versions, and PM forum 1.18 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
rocomotion pm bbs |
||
rocomotion pplog 2 |
||
rocomotion p forum |
||
rocomotion p diary r |
||
rocomotion pm forum |
||
rocomotion p link compact |
||
rocomotion pplog |
||
rocomotion p board |
||
rocomotion p link |
||
rocomotion p up board |
Vulmon