HauntIT Blog - security testing & exploit development
Friday, 31 January 2014
[EN] Simple Machine Forum (SMF) 2.0.7 - XSS
In latest version of SMF I found a tricky XSS vulnerability. As the vendor said, this is a low priority, because it can be exploited only when admin user is logged in. Post will be updated after patch release (in new version).