CVE-2003-1453

Xoops - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.

Exploits (1)

exploitdb WRITEUP VERIFIED
by magistrat · textwebappsphp
https://www.exploit-db.com/exploits/22539

References (4)

Scores

EPSS 0.0056
EPSS Percentile 68.1%

Classification

CWE
CWE-79
Status draft

Affected Products (7)

xoops/xoops
xoops/xoops
xoops/xoops
xoops/xoops
xoops/xoops
xoops/xoops
xoops/xoops

Timeline

Published Dec 31, 2003
Tracked Since Feb 18, 2026