Description
Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x before 2.2.15 allows remote attackers to inject arbitrary web script or HTML via the context_key parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Unite Gallery Lite Multiple Vulnerabilities (1.4.6)
WordPress Plugin Fitness Trainer-Training Membership Cross-Site Scripting (1.0.8)
WordPress Plugin Daily Prayer Time Cross-Site Scripting (2021.08.07)
WordPress Plugin Image Slider by Ays-Responsive Slider and Carousel SQL Injection (2.4.9)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)