Agelxnash

Name of the Vulnerable Software and Affected Versions: MODX Revolution versions prior to v2.8.0, specifically versions through v2.7.0-pl Description: The issue allows for XSS attacks via a document resource, such as `pagetitle`, which is mishandled during certain actions like Update, Quick Edit, or when viewing manager logs. Recommendations: For MODX Revolution versions through v2.7.0-pl, update to a version later than v2.7.0-pl to resolve the issue.

Name of the Vulnerable Software and Affected Versions: MODX Revolution versions prior to v2.7.0-pl Description: The issue allows for XSS attacks via an extended user field, such as Container name or Attribute name. Recommendations: For MODX Revolution versions prior to v2.7.0-pl, update to a version that contains a fix for this issue.