Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
References 6 Total
- securityfocus.com: 20030329 ScozBook BETA 1.1 vulnerabilities mailing-list
- secunia.com: 8476 third-party-advisory
- securityfocus.com: 7235 vdb-entry
- securityreason.com: 3781 third-party-advisory
- exchange.xforce.ibmcloud.com: scozbook-add-xss(11658) vdb-entry
- securitytracker.com: 1006413 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- securityfocus.com: 20030329 ScozBook BETA 1.1 vulnerabilities mailing-listx_transferred
- secunia.com: 8476 third-party-advisoryx_transferred
- securityfocus.com: 7235 vdb-entryx_transferred
- securityreason.com: 3781 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: scozbook-add-xss(11658) vdb-entryx_transferred
- securitytracker.com: 1006413 vdb-entryx_transferred