Description
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Remediation
References
Related Vulnerabilities
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-36129)
WordPress Plugin Gravity Forms FreshDesk Cross-Site Scripting (1.2.8)
Oracle Application Server Other Vulnerability (CVE-2006-5354)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15734)