6.1 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.0%
Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to index.php and the (2) returnURL parameter to tux-login.php.
osvdb.org/44917
secunia.com/advisories/30121
www.securityfocus.com/bid/29090
exchange.xforce.ibmcloud.com/vulnerabilities/42252
marc.info/?l=bugtraq&m=121019103418967&w=2