facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an …

facileManager, a modular suite of web applications for system administrators, contains a reflected XSS vulnerability in versions prior to 6.0.4. The vulnerability exists in the fmDNS module where the log_search_query parameter is susceptible to XSS attacks. Attackers can inject malicious JavaScript code into URLs through script parameters. The vulnerability occurs when the application receives data from untrusted sources and uses it in HTTP responses without proper sanitization. This security issue has been addressed and fixed in version 6.0.4.