Description
Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter (aka the page limit number).
Remediation
References
Related Vulnerabilities
Squid Improper Input Validation Vulnerability (CVE-2009-2622)
PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694)
WordPress Plugin WooCommerce Multiple Vulnerabilities (6.2.0)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-47927)
WebLogic Improper Input Validation Vulnerability (CVE-2019-12400)