CVE-2017-9252

2017-05-28T16:29:00
ID CVE-2017-9252
Type cve
Reporter NVD
Modified 2017-06-08T09:48:25

Description

andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action.