Description
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2017-10274 Vulnerability (CVE-2017-10274)
PostgreSQL Other Vulnerability (CVE-2002-0802)
WordPress Plugin WebP Express Unspecified Vulnerability (0.14.21)
OpenSSL Incomplete Cleanup Vulnerability (CVE-2022-1473)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1429)