[VIM] Vendor ACK for Snitz Forums post.asp XSS

Steven M. Christey coley at mitre.org
Tue Nov 1 14:09:20 EST 2005

See CONFIRM reference below.

- Steve

Name: CVE-2005-3411
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3411
Reference: CONFIRM:http://forum.snitz.com/forum/topic.asp?TOPIC_ID=60011
Reference: BID:15241
Reference: URL:http://www.securityfocus.com/bid/15241
Reference: FRSIRT:ADV-2005-2261
Reference: URL:http://www.frsirt.com/english/advisories/2005/2261
Reference: SECUNIA:17385
Reference: URL:http://secunia.com/advisories/17385

Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums
2000 3.4.05 allows remote attackers to inject arbitrary web script or
HTML via the type parameter in a Topic method.

More information about the VIM mailing list