PHP-Nuke ‘friend.php’ module allows cross-site scripting

December 26, 2001

Author: JT Smith

C’est la vie writes: “Description: A cross-site scripting vulnerability was reported in the PHP-Nuke ‘friend.php’ module. A remote user can write HTML code containing malicious javascript that, if executed on another user’s browser, will execute in the security zone of a web site running PHP-Nuke. More at: SecurityTracker“

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR