Description
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
Remediation
References
Related Vulnerabilities
WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)
WordPress Plugin Video Player for YouTube Cross-Site Scripting (1.3)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-5682)
WordPress Plugin wp audio gallery playlist 'playlist.php' SQL Injection (0.12)