Description
Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.
Remediation
References
Related Vulnerabilities
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15081)
WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.23)
WordPress Plugin Comprehensive Google Map Cross-Site Request Forgery (9.1.3)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
WordPress Plugin WP-FaceThumb 'pagination_wp_facethumb' Parameter Cross-Site Scripting (0.1)