Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 allows remote malicious users to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stphp easynews 4.0 |