CVE-2010-1427

2010-04-1521:12:00

mitre

www.cve.org

AI Score

5.5

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch.

References

jvn.jp/en/jp/JVN46669729/index.html

jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000013.html

modxcms.com/forums/index.php/topic%2C47759.msg280304.html#msg280304

secunia.com/advisories/39298

exchange.xforce.ibmcloud.com/vulnerabilities/57635