CVE-2019-16684

An issue was discovered in the image-manager in Xoops 2.5.10. When any image with a JavaScript payload as its name is hovered over in the list or in the Edit page, the payload executes...

CVE-2019-16683

An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes...

CVE-2019-16683

An issue was discovered in the image-manager in Xoops 2.5.10. When the breadcrumb showing the category name is hovered over while editing any image, a JavaScript payload executes...

CVE-2019-16684

CVE-2019-16684 affects Xoops 2.5.10 image-manager. A stored cross-site scripting issue occurs when an image is named with a JavaScript payload; hovering over such items in the list or Edit page causes the payload to execute. The Red Hat entry corroborates the same description. No explicit remedia...

CVE-2019-16683

The CVE-2019-16683 vulnerability affects the Xoops 2.5.10 image-manager. When editing an image, hovering the breadcrumb that shows the category name triggers a JavaScript payload, indicating a cross-site scripting issue in the image-manager component. The available sources describe the affected f...