2 matches found
CVE-2017-6511
andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in index.php because of missing validation of the action parameter in application/classes/application.php...
CVE-2017-6511
Affected software: andrzuk/FineCMS (versions before 2017-03-06). Vulnerability: reflected XSS in index.php due to missing validation of the action parameter in application/classes/application.php. Impact (as stated): allows reflected XSS, with no other impacts detailed in the provided documents. ...