CVE-2002-2386

Published: Oct 31, 2007

Modified: Sep 16, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.blocus-zone.com/modules/news/article.php?storyid=180

x_refsource_MISC

20021110 xoops Quizz Module IMG bug

mailing-list

x_refsource_BUGTRAQ

xoops-quiz-module-xss(10594)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-2386

Description

Affected Products

References