Description
Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-12/0225.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10920
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-12/0222.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6464
Scores
EPSS
0.0066
EPSS Percentile
71.2%
Details
Status
published
Products (1)
w-agora/w-agora
4.1.5
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026