VULHUB ™

A cross-site scripting vulnerability has been reported for PHP-Nuke. Due to insufficient sanitization of web requests it is possible for script code to be embedded in PHP script requests. By constructing a malicious link, it may be possible to execute arbitrary code within the context of a website visited by an unsuspecting user. This may allow a remote attacker to steal cookie-based authentication credentials.

A cross-site scripting vulnerability has been reported for PHP-Nuke. Due to insufficient sanitization of web requests it is possible for script code to be embedded in PHP script requests. By constructing a malicious link, it may be possible to execute arbitrary code within the context of a website visited by an unsuspecting user. This may allow a remote attacker to steal cookie-based authentication credentials.