The vulnerability of the PHP-Fusion CMS’s “scenario” implementation (administration/settings_main.php), which allows attackers to execute cross-site scenario attacks.
The vulnerability of the PHP-Fusion CMS system’s “administration/settingsmain.php” script relates to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...