MidnightBSD

Advisories for jonathan_bravata

CVE-2005-4307 MEDIUM

Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jonathan_bravata scarecrow 2.11
jonathan_bravata scarecrow *
jonathan_bravata scarecrow 2.00_beta
jonathan_bravata scarecrow 2.10
jonathan_bravata scarecrow 2.12
jonathan_bravata scarecrow 2.01_beta