Cross-site scripting (XSS) vulnerability in search.php in FarsiNews 2.5.3 Pro and previous versions allows remote malicious users to inject arbitrary web script or HTML via the selected_search_arch parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
farsinews farsinews 2.1 |
||
farsinews farsinews 2.1_beta2 |
||
farsinews farsinews 2.5 |
||
farsinews farsinews 2.5.3 |