Description
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043.
Remediation
References
Related Vulnerabilities
Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)
MySQL CVE-2019-2998 Vulnerability (CVE-2019-2998)
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406)
WordPress Plugin Coupon Creator Cross-Site Request Forgery (3.1)