Description e107 2.1.7 has CSRF resulting in arbitrary user deletion. Remediation References CVE-2018-11127 Related Vulnerabilities Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26266) WordPress Plugin BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2) TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20115) WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.2.4) TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747) Severity Medium Classification CVE-2018-11127 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Tags Missing Update Known Vulnerabilities