WEB APPLICATION VULNERABILITIES Standard & Premium

PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17450)

Description

PHP-Fusion 9.03 allows XSS on the preview page.

Remediation

References

Related Vulnerabilities

Oracle JRE CVE-2013-5824 Vulnerability (CVE-2013-5824)

WordPress Plugin Auto Featured Image Arbitrary File Upload (1.2)

WordPress Plugin Real3D FlipBook Multiple Vulnerabilities (2.18.8)

WordPress Plugin YITH Advanced Refund System for WooCommerce Security Bypass (1.0.10)

WordPress Plugin Synchi Arbitrary File Deletion (5.1)

Severity

Medium

Classification

CVE-2020-17450 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities