Medium severity6.1NVD Advisory· Published Aug 29, 2017· Updated Jun 17, 2026
CVE-2015-6588
CVE-2015-6588
Description
Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING.
Affected products
3- Range: <1.9.1
cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*range: <=1.9.0
- (no CPE)range: <1.9.1
Patches
Vulnerability mechanics
References
1- packetstormsecurity.com/files/134529/MODX-2.3.5-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.