ByteOS Network

NVD Vulnerability Details :

CVE-2004-2242

Deferred

Source-cve@mitre.org

Published At-31 Dec, 2004 | 05:00

Updated At-03 Apr, 2025 | 01:03

Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

phorum>>phorum>>5.0.7_beta

cpe:2.3:a:phorum:phorum:5.0.7_beta:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://phorum.org/cvs-changelog-5.txt	cve@mitre.org	N/A
http://securitytracker.com/id?1010787	cve@mitre.org	Exploit
http://www.securityfocus.com/bid/10822	cve@mitre.org	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16831	cve@mitre.org	N/A
http://phorum.org/cvs-changelog-5.txt	af854a3a-2127-422b-91ae-364da2661108	N/A
http://securitytracker.com/id?1010787	af854a3a-2127-422b-91ae-364da2661108	Exploit
http://www.securityfocus.com/bid/10822	af854a3a-2127-422b-91ae-364da2661108	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16831	af854a3a-2127-422b-91ae-364da2661108	N/A