Description
Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)
Jboss EAP CVE-2013-1862 Vulnerability (CVE-2013-1862)
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
WordPress Plugin Responsive WordPress Slider-Avartan Slider Lite Cross-Site Scripting (1.4)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5480)