Multiple cross-site scripting (XSS) vulnerabilities in...
Moderate severity
Unreviewed
Published
Apr 23, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Feb 11, 2020
Published to the GitHub Advisory Database
Apr 23, 2022
Last updated
Jan 27, 2023
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php.
References