SSCHADV2011-035 - PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability
Advisory:
|
PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability
|
Advisory ID:
|
SSCHADV2011-035
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on PHP-SCMS 1.6.8
|
Vendor URL:
|
|
Vendor Status:
|
unpatched (no vendor feedback)
|
|
|
======================
Vulnerability Description:
======================
Vulnerability Description:
======================
PHP-SCMS "lang" parameter is prone to a XSS vulnerability