Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) 2.2.0
CVE-2017-16956 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a private letter with a certain /article URI, and a second private letter with a modified title.
Learn more about our Web Application Penetration Testing UK.