Description b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php. Remediation References CVE-2016-8901 Related Vulnerabilities silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5078) WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Cross-Site Scripting (5.4.4) Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42112) Oracle JRE CVE-2020-14621 Vulnerability (CVE-2020-14621) WordPress Plugin WordPress File Upload Cross-Site Scripting (4.3.3) Severity Critical Classification CVE-2016-8901 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities