Published: 24/02/2012 Updated: 11/01/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions prior to 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.

Affected Products

Vendor Product Versions
Fork-cmsFork Cms3.2.4