Description
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2006-0285 Vulnerability (CVE-2006-0285)
WordPress Plugin DVS Custom Notification Multiple Cross-Site Request Forgery Vulnerabilities (1.0.1)
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068)
WordPress Plugin AW WordPress Yearly Category Archives Unspecified Vulnerability (1.2.1)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-29213)