Description
Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.
Remediation
References
Related Vulnerabilities
Swagger UI DOM XSS vulnerability
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0061)
Liferay Portal CVE-2020-13444 Vulnerability (CVE-2020-13444)
WordPress Plugin WPFront User Role Editor Unspecified Vulnerability (2.14.1)
WordPress Plugin Modern Events Calendar Lite Security Bypass (5.1.6)