Description
Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter.
Exploits (1)
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1010787
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10822
Various Sources x_refsource_misc
http://phorum.org/cvs-changelog-5.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16831
Scores
EPSS
0.0066
EPSS Percentile
71.2%
Details
Status
published
Products (1)
phorum/phorum
5.0.7_beta
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026