Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) 2.2.0

Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) 2.2.0

CVE-2017-16956 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a private letter with a certain /article URI, and a second private letter with a modified title.

Learn more about our Web Application Penetration Testing UK.