CVE-2001-1521

Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.

Published: Dec 31, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-1521
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
postnuke_software_foundation / postnuke	0.63	0.63.x
postnuke_software_foundation / postnuke	0.64	0.64.x
postnuke_software_foundation / postnuke	0.62	0.62.x

http://online.securityfocus.com/archive/1/245691
http://online.securityfocus.com/archive/82/243545
http://www.iss.net/security_center/static/7654.php
http://www.securityfocus.com/bid/3609

Vulnerability Database

289,697

CVE-2001-1521