CVE-2017-0378

CVE-2017-0378

EPSS 1.5%

XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.

Affected products

n/a · phamm before 0.6.7

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugs.debian.org/868988 https://github.com/lota/phamm/issues/21 http://www.openwall.com/lists/oss-security/2017/07/20/3 http://www.phamm.org/docs/CHANGELOG http://www.securityfocus.com/bid/99927