XMB Forum Software
Not logged in [Login - Register]
Search the forums Search   Frequently Asked Questions FAQ   View member list Member List   Today's Posts Today's Posts   Forum Stats Stats   Board Rules Board Rules  Download Download   SVN SVN   Bugs Bugs   Docs Docs  Back to: XMB Forum Home Page
XMB Forum Software » Support » Fixes / Patches » [Security < 1.9.10] CVE-2004-1862 Go To Bottom

Printable Version  
Author: Subject: [Security < 1.9.10] CVE-2004-1862
miqrogroove
XMB 1.9.12 Lead Developer
*********

Avatar


Posts: 460
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 5-9-2021 at 04:41 PM
[Security < 1.9.10] CVE-2004-1862

Bug Source: XMB 1.9.9 and older

Symptoms: Unexpected output, Javascript compromise (XSS)

Security Impact: High

ID: CVE-2004-1862

Fixed By: XMB 1.9.10 and later are not affected.

Discussion:

Multiple exploits reported to Bugtraq in 2004 were evaluated by XMB staff in 2008. Of primary concern, the reported "XSS in post.php" had not been resolved and was still valid for one or more defects. The post.php file was reorganized in 2008 and released with version 1.9.10 to implement better I/O filtering. There were no hotfixes for old versions because the necessary changes were incompatible with existing customizations.

Recommendations:
View user's profile Visit user's homepage View All Posts By User

 XMB Forum Software » Support » Fixes / Patches » [Security < 1.9.10] CVE-2004-1862   Go To Top

Powered by XMB 1.9.12 (Debug Mode)
XMB Forum Software © 2001-2024 The XMB Group
[Queries: 16] [PHP: 65.9% - SQL: 34.1%]