Description

Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2008-6850

Related Vulnerabilities

WordPress 4.5.x PHP Object Injection (4.5 - 4.5.23)

PHP Other Vulnerability (CVE-2007-1375)

Oracle Database Server CVE-2014-6455 Vulnerability (CVE-2014-6455)

MediaWiki Credentials Management Errors Vulnerability (CVE-2015-8626)

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)

Severity

Medium

Classification

CVE-2008-6850 CWE-707

Tags

Missing Update Known Vulnerabilities