Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2018-20757
Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
0
Attacker Value
Unknown
CVE-2018-20755
Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
0
Attacker Value
Unknown
CVE-2018-20756
Disclosure Date: February 06, 2019 (last updated November 27, 2024)
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
0
