Description Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter. Remediation References CVE-2018-20121 Related Vulnerabilities Moodle Incorrect Authorization Vulnerability (CVE-2021-20283) phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5867) WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2) WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10) Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1614) Severity Medium Classification CVE-2018-20121 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities