CVE-2017-14347
NexusPHP 1.5.beta5.20120707 is affected by an XSS vulnerability in the returnto parameter of fun.php during a delete action. Descriptions in CVE records and CNVD/NVD references indicate the issue allows script injection in NexusPHP’s admin-facing flow, with CNVD noting potential to obtain the adm...