Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.
Software | From | Fixed in |
---|---|---|
xoops / xm-memberstats | 2.0 | 2.0.x |