Multiple cross-site scripting (XSS) vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Redirect parameter to login.asp and the (2) OrderBy parameter to member_send.asp.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-04-18T22:00:00
Updated: 2024-08-07T08:40:59.865Z
Reserved: 2008-04-18T00:00:00
Link: CVE-2008-1896
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-04-18T22:05:00.000
Modified: 2024-11-21T00:45:36.570
Link: CVE-2008-1896
Redhat
No data.