Description
Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Media Usage Cross-Site Scripting (0.0.4)
WordPress Plugin BIC Media Widget Cross-Site Scripting (1.0)
WordPress Plugin Store Locator Plus for WordPress SQL Injection (3.8.6)
WordPress Plugin WP Page Builder Multiple Vulnerabilities (1.2.3)
WordPress Plugin GiveWP-Donation and Fundraising Platform Security Bypass (2.5.9)