Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thwboard | Thwboard | 2.8_beta |
References
- http://secunia.com/advisories/10120PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=195009Vendor Advisory
- http://www.osvdb.org/3077ExploitPatchVendor Advisory
- http://www.osvdb.org/4825ExploitPatchVendor Advisory
- http://www.osvdb.org/4826ExploitPatchVendor Advisory
- http://www.osvdb.org/4827ExploitPatchVendor Advisory
- http://www.osvdb.org/4828ExploitPatchVendor Advisory
- http://www.osvdb.org/4829ExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/8959Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13582
- http://secunia.com/advisories/10120PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=195009Vendor Advisory
- http://www.osvdb.org/3077ExploitPatchVendor Advisory
- http://www.osvdb.org/4825ExploitPatchVendor Advisory
- http://www.osvdb.org/4826ExploitPatchVendor Advisory
FAQ
What is CVE-2003-1184?
CVE-2003-1184 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld...
How severe is CVE-2003-1184?
CVE-2003-1184 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1184?
Check the references section above for vendor advisories and patch information. Affected products include: Thwboard Thwboard.