CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML
References
Configurations
History
21 Nov 2024, 05:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://anotepad.com/notes/2skndayt - Exploit, Third Party Advisory | |
References | () https://github.com/PHPFusion/PHPFusion/commit/08d6c2ea49bd06fcce32275252f5f25abe61965c - Patch, Third Party Advisory | |
References | () https://github.com/PHPFusion/PHPFusion/commit/1c2b32321cf11ed1cd3ff835f8da0d172c849ce6 - Patch, Third Party Advisory | |
References | () https://github.com/PHPFusion/PHPFusion/commit/da9f89ae70219f357fba6fffd2dae1ec886d8a3b - Patch, Third Party Advisory | |
References | () https://github.com/PHPFusion/PHPFusion/commit/fda266c3bb35c650a8c4c51b6923abdfb66ef5cd - Patch, Third Party Advisory |
25 Apr 2022, 20:16
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
Information
Published : 2021-04-29 15:15
Updated : 2024-11-21 05:59
NVD link : CVE-2021-28280
Mitre link : CVE-2021-28280
CVE.ORG link : CVE-2021-28280
JSON object : View
Products Affected
php-fusion
- phpfusion