Unrated severityNVD Advisory· Published Jan 15, 2008· Updated Jun 16, 2026
CVE-2008-0284
CVE-2008-0284
Description
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
Affected products
3cpe:2.3:a:simple_machines:simple_machines_smf:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:simple_machines:simple_machines_smf:*:*:*:*:*:*:*:*range: <=1.1.4
- (no CPE)range: <=1.1.4
- Range: <=1.1.4
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.