Description

Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.

Remediation

References

CVE-2010-4883

Related Vulnerabilities

MySQL CVE-2017-3454 Vulnerability (CVE-2017-3454)

Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581)

WordPress Plugin Disqus Comment System Multiple Vulnerabilities (2.75)

WordPress Plugin Keydatas Arbitrary File Upload (2.5.2)

WordPress Plugin Slimstat Analytics Cross-Site Scripting (2.8.4)

Severity

Low

Classification

CVE-2010-4883 CWE-707

Tags

Missing Update Known Vulnerabilities