Description
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Edit Values" field under the "Configure Attributes" module.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)
WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)
WordPress Plugin WP SEO TDK Security Bypass (2.0.2)
WordPress Plugin Business Card Cross-Site Scripting (1.0.0)
WordPress Plugin Brizy-Page Builder Security Bypass (1.0.113)