CVE-2015-5399
NONE EPSS 76.6%
Published Aug 26, 20169y ago · Modified Jun 17, 20262w ago
Published Aug 26, 2016 9y ago
Last Modified Jun 17, 2026 2w ago
Description
Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment.
Threat Intelligence
EPSS Exploit Probability
76.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| phpvibe | phpvibe | * | ≤4.20 |
References 2
- packetstormsecurity.com https://packetstormsecurity.com/files/132715/phpVibe-Stored-Cross-Site-Scripting.html
- exploit-db.com https://www.exploit-db.com/exploits/37659
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.