5 matches found
CVE-2020-17449
PHP-Fusion 9.03 allows XSS via the errorlog file...
Design/Logic Flaw
PHP-Fusion 9.03 allows XSS via the errorlog file...
CVE-2020-17450
PHP-Fusion 9.03 allows XSS on the preview page...
CVE-2020-17449
PHP-Fusion 9.03 is affected by CVE-2020-17449, a cross-site scripting (XSS) vulnerability that can be triggered via the error_log file. The NVD lists CVSS v3.1 base score 5.4 (MEDIUM) with network vector, low privileges, user interaction required, and changed scope; CVSS v2 is 3.5 (LOW). No concr...
CVE-2020-17449
PHP-Fusion 9.03 allows XSS via the errorlog file...