MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4883)

Description

Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.

Remediation

References

CVE-2010-4883

Related Vulnerabilities

MySQL CVE-2022-21332 Vulnerability (CVE-2022-21332)

phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)

MySQL CVE-2014-4240 Vulnerability (CVE-2014-4240)

PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)

LimeSurvey Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2019-16175)

Severity

Low

Classification

CVE-2010-4883 CWE-707