Lucene search
K

5 matches found

NVD
NVD
added 2009/01/22 11:30 a.m.17 views

CVE-2008-5939

Cross-site scripting XSS vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but...

4.3CVSS5.5AI score0.0171EPSS
Exploits1References6
NVD
NVD
added 2009/01/22 11:30 a.m.11 views

CVE-2008-5942

Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...

4.3CVSS5.6AI score0.01065EPSS
Exploits0References5
Prion
Prion
added 2009/01/22 11:30 a.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...

4.3CVSS5.8AI score0.0171EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/01/22 11:0 a.m.19 views

CVE-2008-5942

Multiple cross-site scripting XSS vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the preserveUrls function and 2 "username input." NOTE: vector 2 may be related to CVE-2008-5939...

5.6AI score0.01065EPSS
Exploits0References5
CVE
CVE
added 2009/01/22 11:0 a.m.53 views

CVE-2008-5939

MODx CMS before 0.9.6.3 is affected by XSS in index.php (and related to username input) allowing remote attackers to inject arbitrary script/HTML. CVE-2008-5942 also notes vectors tied to the preserveUrls function. The original disclosure indicates the id parameter is unlikely affected. Remediati...

4.3CVSS5.8AI score0.0171EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder