Required CVE Record Information
Description
Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules.
References 4 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- iss.net: nuked-klan-team-xss(11420) vdb-entryx_transferred
- archives.neohapsis.com: 20030318 Some XSS vulns mailing-listx_transferred
- archives.neohapsis.com: 20030221 [SCSA-006] XSS & Function Execution Vulnerabilities in Nuked-Klan mailing-listx_transferred
- securityfocus.com: 6916 vdb-entryx_transferred