Yet Another XSS Vulnerability in PHP-Nuke
Date: Tuesday, February 04 @ 01:23:09 CET Topic: Security
Forward from bugtraq:
-------------------------------------------
Affected Versions:
PHP Nuke versionh 6.0 and below
Unaffected version:
PHP Nuke 6.5
Impact:
-------------------------------------------
Allows any user to inject their own HTML or Java code instead of an avatar
image. This can lead to very annoying forum posts, and the usual XSS tricks.
|
|