Description
A stored cross site scripting (XSS) vulnerability in administration/settings_main.php of PHP-Fusion 9.03.50 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Site footer" field.
Remediation
References
Related Vulnerabilities
WordPress Plugin Slimstat Analytics Cross-Site Scripting (4.1.5.2)
WordPress Plugin Real-Time Find and Replace Cross-Site Request Forgery (3.9)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3507)