PatchSiren

CVE-2017-6479 Fenix Hosting CVE debrief

CVE-2017-6479 describes a reflected cross-site scripting issue in Fenix Hosting's fenix-open-source application, affecting forums/search.php and the search-by-topic parameter. The CVE was published on 2017-03-05. NVD classifies the weakness as CWE-79 and assigns a CVSS 3.0 vector of AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, which means exploitation is possible over the network and requires no privileges, but does require user interaction. The supplied corpus indicates a vulnerable range ending at 2017-02-21, while the description says versions before 2017-03-04 are affected; treat those dates as source-specific and verify against the vendor's fix history.

Vendor: Fenix Hosting
Product: CVE-2017-6479
CVSS: MEDIUM 6.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-03-05
Original CVE updated: 2026-05-13
Advisory published: 2017-03-05
Advisory updated: 2026-05-13

Who should care

Administrators and maintainers of Fenix Hosting fenix-open-source deployments, especially any public forums/search.php endpoint exposed to untrusted users. Security teams responsible for web application hardening and browser-side risk reduction should also review affected instances.

Technical summary

The flaw is a reflected XSS in forums/search.php driven by the search-by-topic parameter. NVD maps it to CWE-79 and lists CVSS 3.0 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. The corpus shows the issue affecting fenix-open-source builds in the pre-fix range cited by the description and NVD CPE data.

Defensive priority

Medium priority. Reflected XSS can expose data in the victim's browser context or trigger unwanted actions, but it depends on a victim following a crafted request and interacting with the affected page.

Recommended defensive actions

  • Identify all fenix-open-source deployments and confirm whether they fall within the vulnerable version range cited in the source corpus.
  • Upgrade to a vendor-fixed release or otherwise remove or disable the affected code path if an official fix is not available.
  • Review forums/search.php input handling and ensure search-by-topic output is contextually encoded before rendering.
  • Validate that reverse proxy, WAF, or application-layer controls do not hide the vulnerable endpoint during testing.
  • Add regression tests for reflected XSS on search endpoints and monitor logs for unexpected script-bearing parameters.
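One way to implement the log-monitoring step in the last item, as an added example that is not part of the original debrief or of the fenix-open-source project. It assumes common/combined-format access logs; the log lines are constructed, and because the CVE text does not give the query-string key behind "search-by-topic", the parameter name topic is a placeholder and the check covers every parameter sent to forums/search.php.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')

# Heuristic: a tag opener, an inline event-handler attribute, or a javascript: URL.
MARKUP_RE = re.compile(r'<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript\s*:', re.I)

ENDPOINT = "forums/search.php"  # path named in the CVE description

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so double-encoded markup is still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(log_line):
    """Return [(param, decoded_value)] for script-bearing parameters on the
    search endpoint, or [] if the line is unrelated or clean."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group("target"))
    if not url.path.rstrip("/").endswith(ENDPOINT):
        return []
    hits = []
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        decoded = fully_decode(value)  # parse_qsl has already decoded once
        if MARKUP_RE.search(decoded):
            hits.append((name, decoded))
    return hits

# Constructed sample lines; "topic" is a placeholder parameter name.
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Mar/2017:10:01:02 +0000] "GET /forums/search.php?topic=install+help HTTP/1.1" 200 5120',
    '203.0.113.9 - - [06/Mar/2017:10:03:44 +0000] "GET /forums/search.php?topic=%3Cscript%3Eprobe%3C%2Fscript%3E HTTP/1.1" 200 5301',
    '203.0.113.9 - - [06/Mar/2017:10:04:10 +0000] "GET /forums/search.php?topic=%253Cimg%2520src%253Dx%2520onerror%253Dprobe%253E HTTP/1.1" 200 5288',
    '203.0.113.4 - - [06/Mar/2017:10:05:00 +0000] "GET /index.php?q=%3Cb%3E HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in suspicious_params(line):
            print(f"ALERT param={name!r} value={value!r}")
```

Access logs normally record only the query string, so parameters submitted in a POST body need application-level or WAF logging to be covered by the same check.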

Evidence notes

The CVE description states: 'FenixHosting/fenix-open-source before 2017-03-04 is vulnerable to a reflected XSS in forums/search.php (search-by-topic parameter).' NVD records the weakness as CWE-79 and includes a vulnerable CPE range ending in 2017-02-21. The supplied references include SecurityFocus BID 96587 and a GitHub issue tagged as Exploit and Vendor Advisory. No KEV entry is present in the supplied corpus.

Official resources

Publicly disclosed through the CVE record published on 2017-03-05. The supplied corpus includes official NVD and CVE.org records and does not list a KEV entry.