Description
Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message.
Remediation
References
Related Vulnerabilities
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888)
WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7132)
Oracle JRE CVE-2013-5784 Vulnerability (CVE-2013-5784)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24)