PHP-Nuke Avatar HTML Injection Vulnerability

PHP-Nuke Avatar HTML Injection Vulnerability

Solution:
PHP-Nuke 6.5 has been reported to be invulnerable to this issue. It should be noted that PHP-Nuke 6.5 is a beta distribution and as such should be considered unstable. Users are advised to install and deploy PHP-Nuke 6.5 with caution.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.