PHP-Fusion.Cross-Site.Scripting.Vulnerability
Description
PHP-Fusion is an open source content management software available in various platform.
The application is vulnerable to a cross-site scripting attack due to a insufficient data validation while processing "Subject" test area field in contact.php.
Affected Products
PHP-Fusion Versions 6.00.306 and before
Impact
The vulnerable system can be compromised and has a risk of arbitrary code execution.
Recommended Actions
Please update to the latest version of PHP-Fusion.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |