Description
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php.
Remediation
References
Related Vulnerabilities
GlassFish CVE-2012-0104 Vulnerability (CVE-2012-0104)
PostgreSQL CVE-2018-1058 Vulnerability (CVE-2018-1058)
Oracle JRE CVE-2014-2401 Vulnerability (CVE-2014-2401)
WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.7)