Description

Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element.

Remediation

References

CVE-2006-0857

Related Vulnerabilities

WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Arbitrary File Upload (1.5.3)

MODX Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-8775)

WordPress Plugin Albo Pretorio On line Multiple Vulnerabilities (3.2)

WordPress Plugin PDF & Print Button Joliprint Multiple Cross-Site Scripting Vulnerabilities (1.3.0)

MySQL CVE-2021-35602 Vulnerability (CVE-2021-35602)

Severity

Medium

Classification

CVE-2006-0857 CWE-707

Tags

Missing Update Known Vulnerabilities