Description
Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted e-mail address, a different vulnerability than CVE-2015-5714.
Remediation
References
Related Vulnerabilities
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)
Joomla! Core 3.x.x SQL Injection (3.5.0 - 3.8.5)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
WordPress Plugin Images Slideshow by 2J-Image Slider Security Bypass (1.3.31)
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069)