Description
A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Configure categories" field under the "Categorise Lists" module.
Remediation
References
Related Vulnerabilities
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468)
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting (3.7.2)
WordPress Plugin Widget Shortcode Cross-Site Scripting (0.3.5)
Oracle Database Server CVE-2014-4298 Vulnerability (CVE-2014-4298)
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)