Unrated severityNVD Advisory· Published Aug 16, 2004· Updated Apr 16, 2026

CVE-2004-1716

Description

Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.

Affected products

Powie/Pforum2 versions
cpe:2.3:a:powie:pforum:1.24:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:powie:pforum:1.24:*:*:*:*:*:*:*
- cpe:2.3:a:powie:pforum:1.25:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/12317/nvdExploitPatchVendor Advisory
www.kb.cert.org/vuls/id/674542nvdExploitPatchThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/10954nvdExploitPatchVendor Advisory
www.osvdb.org/8985nvdVendor Advisory
marc.infonvd
www.pscript.de/news/index.phpnvd
exchange.xforce.ibmcloud.com/vulnerabilities/17003nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000