Description
Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.1.5)
OpenSSL Resource Management Errors Vulnerability (CVE-2011-0014)
Oracle JRE CVE-2013-2416 Vulnerability (CVE-2013-2416)
Liferay version older than 7.0
MediaWiki Insecure Storage of Sensitive Information Vulnerability (CVE-2021-36127)