W. Ikram

Researcher fromSEC Consult Vulnerability Lab (Office Malaysia)

#21296of 53,632

11.5Total CVSS

Vulnerabilities · 2

Medium

2

Php Fusion · Php-Fusion · CVE-2020-17449

**Name of the Vulnerable Software and Affected Versions** PHP-Fusion version 9.03 **Description** The issue allows for cross-site scripting (XSS) via the error log file. **Recommendations** For PHP-Fusion version 9.03, update to a version that fixes this issue, as using the error log file can lead to XSS attacks.

Php Fusion · Php-Fusion · CVE-2020-17450

**Name of the Vulnerable Software and Affected Versions** PHP-Fusion version 9.03 **Description** The issue allows for XSS on the preview page. **Recommendations** For PHP-Fusion version 9.03, update to a version that contains a fix for this issue.