CVE-2017-9332

Publication date

2017-06-06 14:00:00

Family

mitre

State

PUBLISHED

Description

The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.