CVE-2022-36180 Information

Description

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection] /fusiondirectory/index.php?message=invalidparameter&plug=Injection] /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

Reference

http://fusiondirectory.com https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabilities/