VULHUB ™

newsPHP is prone to HTML injection attacks. The vulnerability exists due to insufficient sanitization of malicious HTML code in user-supplied comments. HTML and script code may be echoed back when an existing user views any malicious comments. It is possible that code injected through this issue could be displayed and rendered by other newsPHP forum users.

newsPHP is prone to HTML injection attacks. The vulnerability exists due to insufficient sanitization of malicious HTML code in user-supplied comments. HTML and script code may be echoed back when an existing user views any malicious comments. It is possible that code injected through this issue could be displayed and rendered by other newsPHP forum users.