Reflecting XSS vulnerability in filemanager of CMS b2evolution v. 5.2.0

Posted by Steffen Rösemann on Jan 13

Advisory: Reflecting XSS vulnerability in CMS filemanager of b2evolution v. 5.2.0
Advisory ID: SROEADV-2014-09
Author: Steffen Rösemann
Affected Software: CMS b2evolution v. 5.2.0 (Release-Date: 6th-Dec-2014)
Vendor URL: http://b2evolution.net/
Vendor Status: did not respond to issue
CVE-ID: –

==========================
Vulnerability Description:
==========================

The filemanager of b2evolution v. 5.2.0 is prone to reflecting XSS…
