JForum BBCode Color Tag HTML Injection Issue
27 August 2010
JForum is a discussion board system implemented in Java. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content. JForum version 2.08 is affected.
Ref: http://www.securityfocus.com/bid/42414
10.34.50 - CVE: Not Available
Platform: Web Application
JForum is a discussion board system implemented in Java. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content. JForum version 2.08 is affected.
Ref: http://www.securityfocus.com/bid/42414
10.34.50 - CVE: Not Available
Platform: Web Application
No comments:
Post a Comment