A vulnerability was found in GZ Scripts GZ Forum Script 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /preview.php. The manipulation of the argument catid/topicid/topic/topic_message/free_name leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-233348. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.233348 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.233348 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2023-07-10 16:15
Updated : 2024-05-17 02:27
NVD link : CVE-2023-3554
Mitre link : CVE-2023-3554
CVE.ORG link : CVE-2023-3554
JSON object : View
Products Affected
gzscripts
- gz_forum_script
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')