Description
Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42794)
WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup Multiple Vulnerabilities (4.11.33)
MySQL CVE-2020-14654 Vulnerability (CVE-2020-14654)
WordPress Plugin Flash Photo Gallery Cross-Site Scripting (0.7)
WordPress Plugin Category and Page Icons Cross-Site Scripting (0.9.2)