Description
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (7.0.06)
WordPress Plugin iPanorama 360 WordPress Virtual Tour Builder Cross-Site Scripting (1.6.21)
WordPress Plugin OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) Security Bypass (3.0.3)
Oracle Database Server CVE-2009-3412 Vulnerability (CVE-2009-3412)
WordPress Plugin Discount Rules for WooCommerce Multiple Vulnerabilities (2.0.2)