Описание
MODX Revolution allows XSS via document resources
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Пакеты
Наименование
modx/revolution
composer
Затронутые версииВерсия исправления
< 2.7.1-pl
2.7.1-pl
Связанные уязвимости
CVSS3: 6.1
nvd
около 7 лет назад
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.