CVE-2017-12777

Name of the Vulnerable Software and Affected Versions NexusPHP version v1.5

Description A Cross-Site Scripting (XSS) issue exists, allowing for potential code injection. The issue is related to the usersearch.php endpoint, specifically through some parameter.

Recommendations For NexusPHP version v1.5, consider restricting access to the usersearch.php endpoint until a fix is available. Avoid using vulnerable parameters in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.