CVE-2014-8992
EUVD-2014-881822.12.2014, 19:59
Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| modx | modx_revolution | 2.3.2 |
𝑥
= Vulnerable software versions