Description
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Remediation
References
Related Vulnerabilities
MySQL CVE-2014-6469 Vulnerability (CVE-2014-6469)
Atlassian Jira CVE-2020-14165 Vulnerability (CVE-2020-14165)
WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Vulnerabilities (1.7.6)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2243)