Description
The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.
Remediation
References
Related Vulnerabilities
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)
Jenkins Session Fixation Vulnerability (CVE-2018-1000409)
WordPress Plugin BruteBank-WP Security & Firewall Cross-Site Request Forgery (1.8)
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1261)
Rukovoditel Improper Input Validation Vulnerability (CVE-2020-11819)