| ID | CVE-2017-9070 | ||||||
| Sažetak | In MODX Revolution before 2.5.7, a user with resource edit permissions can inject an XSS payload into the title of any post via the pagetitle parameter to connectors/index.php. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:S/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 30-05-2017 - 19:02 | ||||||
| Objavljeno | 18-05-2017 - 16:29 |
