ID AKB:FC9E0ABC-CAFB-4F50-9362-44285D1412FD
Type attackerkb
Reporter AttackerKB
Modified 2021-08-17T00:00:00


PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field.

Recent assessments:

nu11secur1ty at August 13, 2021 11:57am UTC reported:

Link: <>

Vulnerability parameter in profil.php “id_content”
NOTE: The same problem is in the demo account in the online version

Proof: <>

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5