CVE-2010-4883 Information

Description

Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.

Reference

http://modxcms.com/forums/index.php/topic55104.0.html http://modxcms.com/forums/index.php/topic55105.0.html http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt http://secunia.com/advisories/41638 http://securityreason.com/securityalert/8435 http://www.osvdb.org/68264 http://www.securityfocus.com/bid/43577 https://exchange.xforce.ibmcloud.com/vulnerabilities/62070