VULHUB ™

PHP-Nuke 'reviews' module is prone to a cross-site scripting vulnerability. These issue could allow an attacker to steal cookie-based authentication credentials. It is reported that the application does not sanitize user-supplied data through the 'id' parameter. This vulnerability is likely to be fixed in the current versions of PHP-Nuke. This issue may have surfaced earlier, however, this has not been confirmed. This BID will be updated or retired as more information becomes available.

PHP-Nuke 'reviews' module is prone to a cross-site scripting vulnerability. These issue could allow an attacker to steal cookie-based authentication credentials. It is reported that the application does not sanitize user-supplied data through the 'id' parameter. This vulnerability is likely to be fixed in the current versions of PHP-Nuke. This issue may have surfaced earlier, however, this has not been confirmed. This BID will be updated or retired as more information becomes available.