Cross site scripting

Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS in admin/components/menu/views/menuitems.php id parameter...

Menu Views - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-055

This module enables users to create menu items that render views instead of links. This is useful for creating "mega-menus". The module doesn't sufficiently filter title and breadcrumb fields for possible cross-site scripting. This vulnerability is mitigated by the fact that an attacker must have...