JosephErnest Void Contains A Cross-Site Scripting Vulnerability
23 Feb. 2016
Summary
Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
Vulnerable Systems:
* JosephErnest Void before 2015-10-02
Immune Systems:
* JosephErnest Void after 2015-10-02
Void is an open source content management system (CMS). Void contains a cross-site scripting vulnerability. An arbitrary script may be executed on the user's web browser.