Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.
2008-01-08T19:46:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | snitz_communications | snitz_forums_2000 | ≤ 3.4.06 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.0 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.1 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.1 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.2.03 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.3 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.3.01 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.3.02 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.3.03 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.4.02 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.4.03 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.4.04 | Yes |
| Application | snitz_communications | snitz_forums_2000 | 3.4.05 | Yes |