CVE-2008-3316
Forum plugin <2.7.1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin before 2.7.1 for Geeklog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) functions.inc.
References (6)
Scores
EPSS
0.0047
EPSS Percentile
64.5%
Classification
CWE
CWE-79
Status
draft
Affected Products (2)
portalparts/forum_plugin
< 2.5
portalparts/forum_plugin
Timeline
Published
Jul 25, 2008
Tracked Since
Feb 18, 2026