CVE-2005-2322 Information

Description

Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2 and Clever Copy with forums installed allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.

Reference

http://lostmon.blogspot.com/2005/07/class-1-forum-software-cross-site.html http://secunia.com/advisories/16078 http://securitytracker.com/id?1014485 http://securitytracker.com/id?1014486 http://www.osvdb.org/17920 http://www.securityfocus.com/bid/14261