CVE-2017-10801
CVE-2017-10801 affects phpSocial (formerly phpDolphin) prior to 3.0.1. The vulnerability is a Cross-Site Scripting flaw in PATH_INFO for the search/tag/ endpoints, caused by improper handling of PATH_INFO input. Public sources describe that an attacker can inject arbitrary web script or HTML via ...