header-logo
Suggest Exploit
vendor:
e107
by:
SecurityFocus
7.5
CVSS
HIGH
HTML-injection
79
CWE
Product Name: e107
Affected Version From: e107 0.7.0
Affected Version To: e107 0.7.11
Patch Exists: YES
Related CWE: N/A
CPE: a:e107:e107
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

e107 CMS HTML-injection Vulnerability

The e107 CMS is prone to an HTML-injection vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site when the inserted data is viewed.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/18560/info

The e107 CMS is prone to an HTML-injection vulnerability.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site when the inserted data is viewed.

In Submit comment:
Subject: '><script>alert(/XSS/)</script>

Navigation

Suggest Exploit

Services By CQR