CVE-2020-36996

Name of the Vulnerable Software and Affected Versions PHPFusion version 9.03.50

Description PHPFusion contains a persistent cross-site scripting issue in the print.php page. The application does not properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages, which will execute when the print page is generated, allowing script execution in victim browsers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.