Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but this is probably incorrect based on the original disclosure.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-01-22T11:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2009-01-21T00:00:00
Link: CVE-2008-5939
JSON object: View
NVD Information
Status : Modified
Published: 2009-01-22T11:30:05.327
Modified: 2017-09-29T01:32:53.620
Link: CVE-2008-5939
JSON object: View
Redhat Information
No data.
CWE