Medium severity6.1NVD Advisory· Published Aug 2, 2017· Updated May 13, 2026
CVE-2017-12139
CVE-2017-12139
Description
XOOPS Core 2.5.8 has stored XSS in imagemanager.php because of missing MIME type validation in htdocs/class/uploader.php.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/100094nvdThird Party AdvisoryVDB Entry
- github.com/XOOPS/XoopsCore25/issues/524nvdThird Party Advisory
News mentions
0No linked articles in our index yet.