Description
Multiple cross-site scripting (XSS) vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) link_type parameter to admin/media.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Facebook Button by BestWebSoft Cross-Site Request Forgery (2.13)
WordPress Plugin Disable Comments Cross-Site Scripting (1.3)
GlassFish CVE-2010-4438 Vulnerability (CVE-2010-4438)
WordPress Plugin WP Customer Reviews Multiple Vulnerabilities (3.0.8)
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3)