Description

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting (Persistent). The attack can be initiated remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

References

CVE-2017-20034

Related Vulnerabilities

Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)

Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.22)

WordPress Plugin Advanced Ads-Ad Manager & AdSense Cross-Site Scripting (1.17.3)

WordPress Plugin CSS & JavaScript Toolbox SQL Injection (9.2)

Oracle Application Server CVE-2008-0343 Vulnerability (CVE-2008-0343)

Severity

Medium

Classification

CVE-2017-20034 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities