Description
Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.
Remediation
References
Related Vulnerabilities
WordPress Plugin LearnPress-WordPress LMS SQL Injection (4.1.3.2)
GlassFish CVE-2016-3608 Vulnerability (CVE-2016-3608)
SharePoint CVE-2020-17118 Vulnerability (CVE-2020-17118)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7942)
WordPress Plugin ImportWP-Import any XML or CSV File into WordPress Security Bypass (1.1.5)