Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| e-zone_media_inc. | fusetalk | 2.0 |
| e-zone_media_inc. | fusetalk | 3.0 |
Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| e-zone_media_inc. | fusetalk | 4.0 |
FuseTalk 4.0 allows remote attackers to ban other users via a direct request to banning.cfm.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| e-zone_media_inc. | fusetalk | 2.0 |
| e-zone_media_inc. | fusetalk | 3.0 |
| e-zone_media_inc. | fusetalk | 4.0 |