Description
Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2.10.2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php in a (1) teachers.html or (2) teachers/ action.
Remediation
References
Related Vulnerabilities
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)
WordPress Plugin WP Google Maps Cross-Site Scripting (7.10.41)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.26)
WordPress Plugin underConstruction Cross-Site Scripting (1.18)
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)