Security Advisory

CVE-2021-40541

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-11 13:16:45

Last updated 2024-08-04 02:44:10

Assigner mitre

State PUBLISHED

Description

PHPFusion 9.03.110 is affected by cross-site scripting (XSS) in the preg patterns filter html tag without "//" in descript() function An authenticated user can trigger XSS by appending "//" in the end of text.

← Browse all CVEs View on cve.org ↗