Description
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Allopass for WP Cross-Site Scripting (1.0.7)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4792)
Moodle Improper Input Validation Vulnerability (CVE-2020-10738)
WordPress Plugin Bug Library Cross-Site Scripting (2.0.3)
Internet Information Services Other Vulnerability (CVE-2000-0630)