Description
Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted page.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2017-10295 Vulnerability (CVE-2017-10295)
Magento CVE-2020-9632 Vulnerability (CVE-2020-9632)
TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)
Moodle Session Fixation Vulnerability (CVE-2025-53021)
WordPress Plugin Gmedia Photo Gallery Arbitrary File Upload (1.2.1)