VULHUB ™

SlashCode is a bulletin board, discussion and portal framework. It is widely used, and is behind the popular Slashdot page. Reportedly, a script injection vulnerability exists in some CVS versions of SlashCode. It may be possible for a malicious user of the system to inject arbitrary HTML code into content generated by the SlashCode system. Supplied script code may access authentication credentials, or take actions as an authenticated user. ** It has been reported that this issue only exists in CVS versions of SlashCode from between June 17 and July 1 2002.

SlashCode is a bulletin board, discussion and portal framework. It is widely used, and is behind the popular Slashdot page. Reportedly, a script injection vulnerability exists in some CVS versions of SlashCode. It may be possible for a malicious user of the system to inject arbitrary HTML code into content generated by the SlashCode system. Supplied script code may access authentication credentials, or take actions as an authenticated user. ** It has been reported that this issue only exists in CVS versions of SlashCode from between June 17 and July 1 2002.