Description
Cross-site scripting (XSS) vulnerability in Zikula Application Framework before 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the returnpage parameter to index.php.
Remediation
References
Related Vulnerabilities
WordPress Improper Input Validation Vulnerability (CVE-2008-5695)
MySQL CVE-2016-0504 Vulnerability (CVE-2016-0504)
WordPress Plugin The Events Calendar Cross-Site Scripting (3.0)
WordPress Plugin Browser and Operating System Finder Cross-Site Request Forgery (1.1)
WordPress Plugin New Year Firework Cross-Site Scripting (1.1.9)