Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters.
Software | From | Fixed in |
---|---|---|
phpoutsourcing / zorum | 3.3 | 3.3.x |
phpoutsourcing / zorum | 3.4 | 3.4.x |
phpoutsourcing / zorum | 3.5 | 3.5.x |