Vulners
Lucene search
Fiyo CMS 2.0.6.1 Cross Site Scripting
🗓️ 29 Feb 2016 00:00:00Reported by Himanshu MehtaType 
packetstorm🔗 packetstormsecurity.com👁 17 Views
`*1. Introduction*
Affected Product: Fiyo CMS 2.0.6.1
Fixed in: 2.0.6.2
Vendor Website: http://www.fiyo.org/
Vulnerability Type: XSS
Remote Exploitable: Yes
*2. Overview*
There are multiple XSS vulnerabilities in Fiyo CMS 2.0.6.1. The
vulnerabilities exist due to insufficient filtration of user-supplied data.
A remote attacker can execute arbitrary HTML and script code in browser in
context of the vulnerable application.
*3. Affected Modules*
Affected fields in the modules are listed below:
i. Module: Dashboard->Users ->User List
Section: User Group
Field: Group Name
ii. Module: Dashboard->Users->New User
Section: Login Data
Field: Nama Lengkap
*4. Payload*
<script>alert('XSS')</script>
*5. Credit*
Himanshu Mehta
[email protected]
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Feb 2016 00:00Current
0.2Low risk
Vulners AI Score0.2