VYPR
Unrated severityNVD Advisory· Published Mar 26, 2004· Updated Jun 16, 2026

CVE-2004-1862

CVE-2004-1862

Description

Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • XMB Forum/Xmb3 versions
    cpe:2.3:a:xmb_forum:xmb:1.8_sp3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:xmb_forum:xmb:1.8_sp3:*:*:*:*:*:*:*
    • cpe:2.3:a:xmb_forum:xmb:1.9_beta:*:*:*:*:*:*:*
    • (no CPE)range: <= 1.8 SP3, = 1.9 beta

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.