Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the (1) search, (2) "a," (3) messagesubject, and (4) messagebody parameters to certain pages as reachable from manager/index.php; (5) highlight, (6) id, (7) email, (8) name, and (9) parent parameters to index.php; and the (10) docgrp and (11) moreResultsPage parameters to index-ajax.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MODx CMS跨站脚本攻击漏洞
Vulnerability Description
MODx CMS 0.9.6.1版本和0.9.6.1p1版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)搜索,(2)"a",(3)messagesubject,和(4)对可从manager/index.php获得的某些页的信息正文;(5)标示记号,(6)id,(7)电子邮件,(8)名字,和(9)对index.php的parent参数,以及(10)docgrp和(11)对index-ajax.php的 moreResultsPage参数,注入任意WEB脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A