info
discussion
exploit
solution
references
B2Evolution Error Pages Multiple Cross-Site Scripting Vulnerabilities
Solution:
The vendor has released fixes for these issues. Please see the references for more information.
b2evolution b2evolution 1.9
b2evolution inc/VIEW/errors/_404_not_found.page.php - revision 1.8
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_404_not_found.page.php
b2evolution inc/VIEW/errors/_410_stats_gone.page.php - revision 1.5
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_410_stats_gone.page.php
b2evolution inc/VIEW/errors/_referer_spam.page.php - revision 1.7
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_referer_spam.page.php
b2evolution b2evolution 1.8.2
b2evolution inc/VIEW/errors/_404_not_found.page.php - revision 1.8
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_404_not_found.page.php
b2evolution inc/VIEW/errors/_410_stats_gone.page.php - revision 1.5
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_410_stats_gone.page.php
b2evolution inc/VIEW/errors/_referer_spam.page.php - revision 1.7
http://evocms.cvs.sourceforge.net/*checkout*/evocms/b2evolution/blogs/ inc/VIEW/errors/_referer_spam.page.php
Privacy Statement
Copyright 2010, SecurityFocus
