Description
An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Learn Manager Cross-Site Scripting (1.1.2)
PostgreSQL Missing Encryption of Sensitive Data Vulnerability (CVE-2017-7485)
WordPress Plugin WooCommerce Blocks Security Bypass (3.7.0)
MySQL CVE-2020-2589 Vulnerability (CVE-2020-2589)
OpenSSL Resource Management Errors Vulnerability (CVE-2008-1678)