Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gbook | Martin_bauer | * | * |
Gbook | Martin_bauer | 1.4 (including) | 1.4 (including) |