CVE-2014-2080

2014-02-28T19:01:09
ID CVE-2014-2080
Type cve
Reporter NVD
Modified 2015-07-30T10:52:44

Description

Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter.