Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-09-06T21:00:00Z

Updated: 2024-09-17T01:40:54.152Z

Reserved: 2012-09-06T00:00:00Z

Link: CVE-2012-4873

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2012-09-06T21:55:02.877

Modified: 2012-09-10T04:00:00.000

Link: CVE-2012-4873

cve-icon Redhat

No data.