CVE-2021-47834

Schlix CMS 2.2.6-6 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into category titles. Attackers can create a new contact category with a script payload that will execute when the page is viewed by other users...

CVE-2021-47834 Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)

Schlix CMS 2.2.6-6 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into category titles. Attackers can create a new contact category with a script payload that will execute when the page is viewed by other users...

CVE-2021-47834

CVE-2021-47834 — Schlix CMS 2.2.6-6 : A persistent cross-site scripting flaw exists that enables authenticated users to inject scripts into category titles by creating a new contact category, which then executes when pages are viewed by others. The issue is documented across multiple sources (NVD...

CVE-2009-4369

Cross-site scripting XSS vulnerability in the Contact module modules/contact/contact.admin.inc or modules/contact/contact.module in Drupal Core 5.x before 5.21 and 6.x before 6.15 allows remote authenticated users with "administer site-wide contact form" permissions to inject arbitrary web script...