CVE-2017-0378
MEDIUMPhamm < 0.6.6 - XSS
Title source: ruleDescription
XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.
References (5)
Scores
CVSS v3
6.1
EPSS
0.0054
EPSS Percentile
67.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
phamm/phamm
< 0.6.6
n/a/phamm before 0.6.7
< phamm before 0.6.7
Published
Jul 20, 2017
Tracked Since
Feb 18, 2026