Описание
MODX Revolution Reflected XSS
In MODX Revolution before 2.5.7, an attacker is able to trigger Reflected XSS by injecting payloads into several fields on the setup page, as demonstrated by the database_type parameter.
Пакеты
Наименование
modx/revolution
composer
Затронутые версииВерсия исправления
< 2.5.7
2.5.7
Связанные уязвимости
CVSS3: 6.1
nvd
больше 8 лет назад
In MODX Revolution before 2.5.7, an attacker is able to trigger Reflected XSS by injecting payloads into several fields on the setup page, as demonstrated by the database_type parameter.