Description

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.

Remediation

References

CVE-2004-2031

Related Vulnerabilities

PHP Resource Management Errors Vulnerability (CVE-2006-1991)

WordPress Plugin Active Directory Integration/LDAP Integration Unspecified Vulnerability (3.7.6)

WordPress Plugin Ghost Arbitrary File Download (0.5.5)

WordPress Plugin WordPress WP-Advanced-Search Remote Code Execution (3.3.3)

SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0465)

Severity

Medium

Classification

CVE-2004-2031

Tags

Missing Update Known Vulnerabilities