Woltlab: >> Burning Board >> 3.0.5 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.
CVSS Score
4.3
EPSS Score
0.005
Published
2008-04-09
WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.
CVSS Score
5.0
EPSS Score
0.005
Published
2008-04-09