Description
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3)
WebLogic Improper Access Control Vulnerability (CVE-2016-5601)
WordPress Plugin BizLibrary Cross-Site Scripting (1.1)
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3572)
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)