PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php_fusion | Php_fusion | 4.00 (including) | 4.00 (including) |
| Php_fusion | Php_fusion | 4.01 (including) | 4.01 (including) |
| Php_fusion | Php_fusion | 5.0 (including) | 5.0 (including) |
| Php_fusion | Php_fusion | 5.01_service_pack (including) | 5.01_service_pack (including) |
| Php_fusion | Php_fusion | 6.0.105 (including) | 6.0.105 (including) |
| Php_fusion | Php_fusion | 6.0.106 (including) | 6.0.106 (including) |