Description
Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Remediation
References
Related Vulnerabilities
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-10159)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1578)
WordPress Plugin SportsPress-Sports Club & League Manager Cross-Site Scripting (2.7.1)
IBM WebSEAL Other Vulnerability (CVE-2023-30998)
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)