Php Fusion · Php-Fusion · CVE-2006-0593
**Name of the Vulnerable Software and Affected Versions**
PHP-Fusion versions prior to 6.00.304
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `shout name` field in "shoutbox panel.php" and the `comments` field in "comments include.php".
**Recommendations**
For versions prior to 6.00.304, update to version 6.00.304 or later to resolve the issue.