CVE-2005-2322
published 2005-07-19CVE-2005-2322: Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.38%
68.7th percentile
Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| class-1 | class-1_forum | — | — |
| class-1 | class-1_forum | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.htmlhttp://secunia.com/advisories/16078http://securitytracker.com/id?1014485http://securitytracker.com/id?1014486http://www.osvdb.org/17920http://www.securityfocus.com/bid/14261http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.htmlhttp://secunia.com/advisories/16078http://securitytracker.com/id?1014485http://securitytracker.com/id?1014486http://www.osvdb.org/17920http://www.securityfocus.com/bid/14261
2005-07-19
Published