Description
Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.15.727)
ownCloud Improper Access Control Vulnerability (CVE-2016-9462)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4293)
Apache Tomcat Insufficient Verification of Data Authenticity Vulnerability (CVE-2017-7674)