Possible Bug in PHP-Fusion 6.0.204

2005.10.24
Risk: Low
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

There is a Bug in The News-System: Post something like: <me<meta>ta http-equiv = "refresh" content = "1; URL = http://www.google.com"> and you'll be redirected to google. Possible Solution: use a recursive function to filter metatags.


Vote for this issue:
50%
50%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top