Cross-Site Scripting Vulnerability in PForum Software by PScript
CVE-2004-1716

Currently unrated

Key Information:

Vendor

Powie

Status
Pforum
Vendor
CVE Published:
16 August 2004

What is CVE-2004-1716?

The PForum software prior to version 1.26 is susceptible to a cross-site scripting vulnerability that enables attackers to inject arbitrary web scripts or HTML into user profiles through the IRC Server or AIM ID fields. This weakness could be exploited by threat actors to execute malicious scripts in the context of users, potentially compromising sensitive information and user interactions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17003
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=109267937212298&w=2
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/10954
vdb-entryx_refsource_BID

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.