Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

mvnForum < 1.0 RC4_03 Search Parameter XSS

Medium

Synopsis

The remote host is running a vulnerable version of mvnForum, a web-based bulletin board.

Description

The remote host is running mvnForum, a web-based bulletin board. This version of mvnForum is vulnerable to a Cross-Site Scripting (XSS) attack. An attacker exploiting this flaw would need to entice a user into browsing a malicious URI. Successful exploitation could lead to disclosure of confidential information (such as cookies).

Solution

Upgrade to version 1.0 RC4_03 or higher.