CVE-2017-12139
CVE-2017-12139 affects XOOPS Core 2.5.8 with a stored XSS in imagemanager.php due to missing MIME type validation in htdocs/class/uploader.php. The issue is caused by inadequate validation of uploaded content, enabling an attacker to inject malicious script when the affected page is viewed. Conne...