Description

In e107 v2.1.7, output without filtering results in XSS.

Remediation

References

CVE-2018-11734

Related Vulnerabilities

WordPress Plugin WP JS Cross-Site Scripting (2.0.6)

Roundcube Resource Management Errors Vulnerability (CVE-2008-5620)

Joomla! Core 1.5.x Arbitrary File Upload (1.5.0 - 1.5.15)

WordPress Plugin Download Manager Arbitrary File Deletion (3.2.50)

Oracle Database Server CVE-2010-0866 Vulnerability (CVE-2010-0866)

Severity

Medium

Classification

CVE-2018-11734 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities