Description
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.
Remediation
References
Related Vulnerabilities
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1524)
MySQL CVE-2018-3200 Vulnerability (CVE-2018-3200)
Ruby Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31810)
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)