6 matches found
EUVD-2018-13299
Malware in sbrugna...
MODX Revolution allows XSS via document resources
MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...
Cross-Site Scripting (XSS)
modx/revolution is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via a document resource such as pagetitle through the update or quick edit action. The Javascript is executed when viewing manager logs...
CVE-2018-20756
MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...
CVE-2018-20756
MODX Revolution through v2.7.0-pl allows XSS via a document resource such as pagetitle, which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs...
CVE-2018-20756
MODX Revolution (through v2.7.0-pl) is affected by a cross-site scripting (XSS) vulnerability via a document resource (e.g., pagetitle) that is mishandled during Update or Quick Edit actions, or when viewing manager logs. The issue is documented across multiple sources (NVD and related advisories...