Modx: >> Modx Revolution >> 2.7.0 Security Vulnerabilities
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-02-06
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-02-06
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-02-06
MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-02-06