CVE-2004-2720 Information

Description

Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.

Reference

http://forum.snitz.com/forum/topic.asp?TOPIC_ID=53360 http://secunia.com/advisories/11895 http://securityreason.com/securityalert/3200 http://securitytracker.com/id?1010524 http://www.osvdb.org/7190 http://www.sec-tec.co.uk/vulnerability/snitzxss.html http://www.securityfocus.com/archive/1/366309 http://www.securityfocus.com/bid/10564 https://exchange.xforce.ibmcloud.com/vulnerabilities/16444