Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in MKPortal 1.1 Rc1 and earlier, as used with vBulletin 3.5.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) u1, (2) m1, (3) m2, (4) m3, (5) m4 parameters.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-04-27T10:00:00
Updated: 2024-08-07T17:35:31.199Z
Reserved: 2006-04-26T00:00:00
Link: CVE-2006-2066
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-04-27T13:34:00.000
Modified: 2024-11-21T00:10:28.637
Link: CVE-2006-2066
Redhat
No data.