CVE-2017-7944

CVE-2017-7944

EPSS 0.8%

XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install DB failure error message in page_dbsettings.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tsublogs.wordpress.com/2017/04/24/xoops-core-2-5-8-1-install-db-cross-site-scripting/http://www.securityfocus.com/bid/97978