CVE-2001-1521 — Cross-site Scripting in Software Foundation Postnuke

3 documents3 sources

Severity

2.6LOWNVD

EPSS

0.3%

top 42.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Postnuke Software Foundation Postnuke

Timeline

PublishedDec 31

Latest updateApr 30

Description

Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDpostnuke_software_foundation/postnuke0.62, 0.63, 0.64+2

🔴Vulnerability Details

GHSA

GHSA-vmch-wc4m-mjqj: Cross-site scripting (XSS) vulnerability in user↗2022-04-30

▶

CVEList

CVE-2001-1521: Cross-site scripting (XSS) vulnerability in user↗2005-07-14

▶