Description
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.
Remediation
References
Related Vulnerabilities
Django DEPRECATED: Code Vulnerability (CVE-2015-0222)
Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512)
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2018-14719)
WordPress Plugin Social Media Widget by Acurax Cross-Site Request Forgery (3.2.5)