Description
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Remediation
References
Related Vulnerabilities
Jboss EAP Files or Directories Accessible to External Parties Vulnerability (CVE-2021-3717)
WebLogic CVE-2017-10352 Vulnerability (CVE-2017-10352)
WordPress Plugin GS Products Slider for WooCommerce Cross-Site Scripting (1.5.8)
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)