5 matches found
CVE-2008-5939
Cross-site scripting XSS vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but...
CVE-2008-5942
Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...
CVE-2008-5942
Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...
CVE-2008-5939
MODx CMS before 0.9.6.3 is affected by XSS in index.php (and related to username input) allowing remote attackers to inject arbitrary script/HTML. CVE-2008-5942 also notes vectors tied to the preserveUrls function. The original disclosure indicates the id parameter is unlikely affected. Remediati...