francoisjacquet/rosariosis is vulnerable to stored cross-site scripting (XSS) attacks. The PreparePHP_SELF
function incorrectly neutralizes user-controllable inputs allowing a remote attacker to inject and execute harmful javascript.
CPE | Name | Operator | Version |
---|---|---|---|
francoisjacquet/rosariosis | le | v8.9.6 | |
francoisjacquet/rosariosis | le | v8.9.6 |