Description
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnews_title parameter, a different vector than CVE-2008-6208. NOTE: some of these details are obtained from third party information. NOTE: this might be the same as CVE-2009-4083.1 or CVE-2011-0457.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Multiple Security Bypass Vulnerabilities (2.6.92)
WordPress Plugin All in One Webmaster Cross-Site Request Forgery (8.2.3)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12023)
WordPress Plugin Monsters Editor for WP Super Edit Arbitrary File Upload (1.1)
WordPress Plugin iFlyChat-WordPress Chat Cross-Site Scripting (4.6.4)