Description An issue was discovered in e107 v2.1.9. There is a XSS attack on e107_admin/comment.php. Remediation References CVE-2018-17423 Related Vulnerabilities WordPress Plugin Facebook Opengraph Meta 'all_meta.php' SQL Injection (1.0) Magento Improper Authorization Vulnerability (CVE-2020-24402) MediaWiki Other Vulnerability (CVE-2006-2611) Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226) WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382) Severity Medium Classification CVE-2018-17423 CWE-707 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Tags Missing Update Known Vulnerabilities