Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary script as other users by injecting arbitrary script into the z parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
4nalbum_module | Warpspeed | 0.92 (including) | 0.92 (including) |