Description
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList before 2.10.19 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter; or the (2) footer, (3) status, or (4) testtarget parameter in the send page.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2004-1019)
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.1.9)
WordPress Plugin WP DS FAQ Plus Cross-Site Scripting (1.4.1)
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)