Description
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2023-22072 Vulnerability (CVE-2023-22072)
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4660)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8644)
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6)
WordPress Plugin CM Download Manager Multiple Vulnerabilities (2.0.6)