Description
Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-4907)
MySQL CVE-2019-2946 Vulnerability (CVE-2019-2946)
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.8.3)
WebLogic CVE-2021-2294 Vulnerability (CVE-2021-2294)
WordPress Plugin Taxonomy Images Multiple Unspecified Vulnerabilities (0.6)