Description
XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.
Remediation
References
Related Vulnerabilities
WordPress Plugin User Rights Access Manager Security Bypass (1.0.5)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4999)
WordPress Plugin Google Drive for WordPress Arbitrary File Deletion (2.2)
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3403)