VYPR
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026

CVE-2004-1863

CVE-2004-1863

Description

Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • XMB Forum/Xmb3 versions
    cpe:2.3:a:xmb_forum:xmb:1.8_sp3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:xmb_forum:xmb:1.8_sp3:*:*:*:*:*:*:*
    • cpe:2.3:a:xmb_forum:xmb:1.9_beta:*:*:*:*:*:*:*
    • (no CPE)range: = 1.9 beta

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.