Description
Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter.
Remediation
References
Related Vulnerabilities
Jenkins Missing Authorization Vulnerability (CVE-2021-21688)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)
Joomla Incorrect Authorization Vulnerability (CVE-2018-17857)
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Cross-Site Request Forgery Vulnerabilities (2.8)
WordPress Plugin Change Password and E-mail Cross-Site Scripting (1.0)