Unmark Marks.php file cross-site scripting vulnerability

Unmark is an open source to-do list application for bookmarking. Unmark 1.9.3 and earlier versions have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Title in the file /application/controllers/Marks.php,...

PT-2025-37356

Name of the Vulnerable Software and Affected Versions: cdevroe unmark versions up to 1.9.3 Description: A vulnerability exists in cdevroe unmark up to version 1.9.3. The issue affects an unknown part of the file /application/controllers/Marks.php and allows for server-side request forgery through...