Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| askbot | askbot | * |
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| askbot | askbot | 0.7.45 |
| askbot | askbot | 0.7.40 |
| askbot | askbot | 0.7.44 |
| askbot | askbot | * |
| askbot | askbot | 0.7.42 |
| askbot | askbot | 0.7.46 |
| askbot | askbot | 0.7.41 |
| askbot | askbot | 0.7.43 |
| askbot | askbot | 0.7.47 |
Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| askbot | askbot | 0.7.51 |