FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Pligg CMS -- XSS Vulnerability

Affected packages
pligg <= 2.0.2,1


VuXML ID c290f093-c89e-11e6-821e-68f7288bdf41
Discovery 2015-05-13
Entry 2016-12-22

Netsparker reports:

Proof of Concept URL for XSS in Pligg CMS:

Page: groups.php

Parameter Name: keyword

Parameter Type: GET

Attack Pattern:'+alert(0x000D82)+'

For more information on cross-site scripting vulnerabilities read the article Cross-site Scripting (XSS).