CVE-2017-0378
N/A
N/A
Summary
XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | phamm before 0.6.7 | phamm before 0.6.7 | affected |
Weaknesses
- XSS
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/99927
- http://www.openwall.com/lists/oss-security/2017/07/20/3
- https://github.com/lota/phamm/issues/21
- https://bugs.debian.org/868988
- http://www.phamm.org/docs/CHANGELOG
References
- http://www.securityfocus.com/bid/99927
- http://www.openwall.com/lists/oss-security/2017/07/20/3
- https://github.com/lota/phamm/issues/21
- https://bugs.debian.org/868988
- http://www.phamm.org/docs/CHANGELOG
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.