Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Myheadlines |
Phpnuke |
* |
4.3.1 |
References