Description
Cross-site scripting (XSS) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: it is possible that this overlaps CVE-2011-0535.
Remediation
References
Related Vulnerabilities
WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
Oracle Database Server CVE-2010-0870 Vulnerability (CVE-2010-0870)
PHP Improper Input Validation Vulnerability (CVE-2016-4072)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (5.2.2)
Squid Improper Input Validation Vulnerability (CVE-2016-2572)