Description
Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.4.43)
WordPress Plugin Duplicate Post Cross-Site Scripting (2.6)
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.49)
WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2)
Drupal Improper Access Control Vulnerability (CVE-2016-3162)