Affected versions of
fuelux contain a cross-site scripting vulnerability in the Pillbox feature. By supplying a script as a value for a new pillbox, it is possible to cause arbitrary script execution.
Update to version 3.15.7 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedJul 25th, 2016
reportedInitial report by Keenan JaenickeJul 25th, 2016