CVE-2013-6804

Jamroom Search Module < 1.1.0 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.

References (4)

[Vendor Advisory] http://secunia.com/advisories/55886

[Exploit] https://www.htbridge.com/advisory/HTB23184

[Various Sources] https://www.jamroom.net/the-jamroom-network/networkmarket/43/search/expanded_changelog=1

[Various Sources] https://www.jamroom.net/the-jamroom-network/tracker/128/xss-vulnerability-in-search-module

Scores

EPSS 0.0029

EPSS Percentile 51.7%

Details

CWE

CWE-79

Status published

Products (3)

jamroom/search_module < 1.1.0

jamroom/search_module

n/a/n/a

Published Dec 05, 2013

Tracked Since Feb 18, 2026