CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-36996

MEDIUM
6.4
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile1.64th
Published2026年1月30日
Last Modified2026年4月15日

Vulnerability Description

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script execution in victim browsers.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://www.exploit-db.com/exploits/48497
🔗 https://www.php-fusion.co.uk/home.php
🔗 https://www.php-fusion.co.uk/php_fusion_9_downloads.php
🔗 https://www.vulncheck.com/advisories/phpfusion-persistent-cross-site-scripting

関連する脆弱性情報

CVE-2020-696210.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...

CVE-2020-696310.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...