Description
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
Remediation
References
Related Vulnerabilities
WordPress Plugin PitchPrint Arbitrary File Upload (7.2.1)
WordPress Plugin Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.6.95)
WordPress Plugin Master Slider-Responsive Touch Slider SQL Injection (2.5.1)
WordPress Plugin WP Dynamic Keywords Injector Cross-Site Request Forgery (2.3.15)