0.001 Low
EPSS
Percentile
37.3%
modx/revolution is vulnerable to cross-site scripting (XSS). The vulnerability exists through an extended user field such as Container name or Attribute name, allowing XSS attacks.
github.com/modxcms/revolution/commit/71f894ee55dc4eed10538979761d6c94e8cd1078
github.com/modxcms/revolution/issues/14104
github.com/modxcms/revolution/pull/14335