3 matches found
CVE-2017-5542
Cross-site scripting XSS vulnerability in template/usererror.missingextension.php in Symphony CMS before 2.6.10 allows remote attackers to inject arbitrary web script or HTML via the existing-folder parameter...
CVE-2017-5542
Cross-site scripting XSS vulnerability in template/usererror.missingextension.php in Symphony CMS before 2.6.10 allows remote attackers to inject arbitrary web script or HTML via the existing-folder parameter...
CVE-2017-5542
Symphony CMS Logitech? No. This CVE (CVE-2017-5542) affects Symphony CMS up to version 2.6.9, where a cross-site scripting (XSS) flaw exists in template/usererror.missing_extension.php. The vulnerability allows an attacker to inject arbitrary web script or HTML through the existing-folder paramet...