Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but this is probably incorrect based on the original disclosure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MODx CMS 'index.php'跨站脚本攻击漏洞
Vulnerability Description
MODx是美国MODX System公司的一套开源的PHP应用框架,它支持发布、更新、维护动态网站或Html静态页面网站的内容。 MODx CMS 0.9.6.2及之前版本的index.php中存在跨站脚本攻击漏洞。远程攻击者可借助用户名字段的JavaScript事件,注入任意的web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A