SixCMS.List.PHP.XSS

description-logoDescription

A Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.

affected-products-logoAffected Products

SixCMS 6.0, and other versions before 6.0.6patch2.

Impact logoImpact

Cross Site Scripting.

recomended-action-logoRecommended Actions

The vulnerability has reportedly been fixed in version 6.0.6 patch2, which can be downloaded from the support site.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-09-27 13.459