Description
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Remediation
References
Related Vulnerabilities
Python Improper Input Validation Vulnerability (CVE-2018-20852)
MySQL CVE-2020-14765 Vulnerability (CVE-2020-14765)
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (7.8)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1500)