Description
A vulnerability classified as problematic has been found in PHPList 3.2.6. This affects an unknown part of the file /lists/admin/. The manipulation of the argument page with the input send\'\";><script>alert(8)</script> leads to cross site scripting (Reflected). It is possible to initiate the attack remotely. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bad Behavior Multiple Cross-Site Scripting Vulnerabilities (2.2.4)
WordPress Plugin Code Snippets Cross-Site Request Forgery (2.13.3)
WordPress Plugin Yoast SEO Cross-Site Scripting (2.1.1)
Ruby Improper Authentication Vulnerability (CVE-2017-10784)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)