Description

Cross-site scripting (XSS) vulnerability in the registration page in e107, probably 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-3843

Related Vulnerabilities

WordPress Plugin Pinterest Automatic Pin Security Bypass (4.14.3)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16145)

TYPO3 CVE-2023-38499 Vulnerability (CVE-2023-38499)

WordPress Plugin Social Review includes Backdoor [Only if downloaded via the vendor website] (1.0.8)

WordPress Plugin Business Manager-WordPress ERP, HR, CRM, and Project Management Cross-Site Scripting (1.4.5)

Severity

Medium

Classification

CVE-2012-3843 CWE-707

Tags

Missing Update Known Vulnerabilities