Slims Project: >> Slims >> 8.3.1 Security Vulnerabilities
Reflected cross-site scripting (XSS) in SLiMS (slims9_bulian) before 9.6.0 via improper handling of $_SERVER['PHP_SELF' ] in index.php/sysconfig.inc.php, which allows remote attackers to execute arbitrary JavaScript in a victim's browser by supplying a crafted URL path.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-12-17
Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords= URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-22