Description

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.

Remediation

References

CVE-2004-2031

Related Vulnerabilities

WordPress Plugin ImageMagick Engine Cross-Site Request Forgery (1.7.4)

WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4)

osTicket Integer Overflow or Wraparound Vulnerability (CVE-2018-7194)

Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)

WordPress Plugin Booking calendar, Appointment Booking System Multiple Vulnerabilities (2.1.7)

Severity

Medium

Classification

CVE-2004-2031

Tags

Missing Update Known Vulnerabilities