Description

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.

Remediation

References

CVE-2004-2031

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5272)

WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (3.8.5)

WordPress Plugin Staff Directory-Employee Directory for WordPress Unspecified Vulnerability (3.6.1)

WordPress Plugin Coming Soon Multiple Vulnerabilities (1.1.18)

WordPress Plugin Fathom Analytics Cross-Site Scripting (3.0.4)

Severity

Medium

Classification

CVE-2004-2031

Tags

Missing Update Known Vulnerabilities