icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

mvnForum < 1.0 RC4_03 Search Parameter XSS

Medium

Synopsis

The remote host is running a vulnerable version of mvnForum, a web-based bulletin board.

Description

The remote host is running mvnForum, a web-based bulletin board. This version of mvnForum is vulnerable to a Cross-Site Scripting (XSS) attack. An attacker exploiting this flaw would need to entice a user into browsing a malicious URI. Successful exploitation could lead to disclosure of confidential information (such as cookies).

Solution

Upgrade to version 1.0 RC4_03 or higher.