Fork CMS 3.2.7 Multiple HTML Code Injection Vulnerabilities

Fork CMS suffers from multiple XSS vulnerabilities when parsing user input to several parameters in different scripts, via POST and GET methods. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user’s browser session.

Advisory ID: ZSL-2012-5076
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5076.php

Comment are closed.