← back
CVE-2013-5309

CVE-2013-5309

EPSS 1.2%
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/54293https://exchange.xforce.ibmcloud.com/vulnerabilities/86030http://sourceforge.net/p/fudforum/code/5589/