Description

An issue was discovered in e107 v2.1.9. There is a XSS attack on e107_admin/comment.php.

Remediation

References

CVE-2018-17423

Related Vulnerabilities

MySQL CVE-2013-2375 Vulnerability (CVE-2013-2375)

Oracle Database Server CVE-2014-4296 Vulnerability (CVE-2014-4296)

WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (6.4.1)

Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)

Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240)

Severity

Medium

Classification

CVE-2018-17423 CWE-707 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities