Cross-Site Scripting (XSS) Vulnerability in Phamm Login Form Function

Cross-Site Scripting (XSS) Vulnerability in Phamm Login Form Function

CVE-2017-0378 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.

Learn more about our Web Application Penetration Testing UK.