bloofoxCMS is vulnerable to multiple cross-site scripting vulnerabilities that may permit remote attackers to specially craft URLs that cause arbitrary HTML and script code to be served to users, causing a cross-site scripting scenario to manifest.
bloofoxCMS 5.0 and possibly other versions
Exploitation of this vulnerability is possible via maliciously crafted URLs that contain malicious scripts. This may allow an attacker to siphon sensitive information or execute arbitrary web scripts within the context of the browser.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 33024 - bloofoxCMS Multiple Vulnerabilities (20140303) (Zero-Day)
Avoid using bloofox CMS when possible.