Description
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
WordPress Plugin WP Custom Fields Search Cross-Site Scripting (1.2.34)
WordPress Plugin WP FullCalendar Security Bypass (1.4.1)
MySQL CVE-2021-2194 Vulnerability (CVE-2021-2194)
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5)