Description

Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10.2 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: This issue might overlap CVE-2006-5321.

Remediation

References

CVE-2006-5524

Related Vulnerabilities

Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)

MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)

WordPress Plugin YITH Product Size Charts for WooCommerce Security Bypass (1.1.11)

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)

Jboss EAP Cryptographic Issues Vulnerability (CVE-2012-5575)

Severity

Medium

Classification

CVE-2006-5524

Tags

Missing Update Known Vulnerabilities