Description
Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (3.3.2)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.18)
SharePoint CVE-2020-16950 Vulnerability (CVE-2020-16950)
WordPress Plugin Integration for Contact Form 7 and Mailchimp Cross-Site Scripting (1.0.9)
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.0.10)