ID CVE-2021-40541
Summary PHPFusion 9.03.110 is affected by cross-site scripting (XSS) in the preg patterns filter html tag without "//" in descript() function An authenticated user can trigger XSS by appending "//" in the end of text.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 11-10-2021 - 14:15
Published 11-10-2021 - 14:15
Last modified 11-10-2021 - 14:15
Back to Top