Description

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.

Remediation

References

CVE-2004-2031

Related Vulnerabilities

ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40888)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4583)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5900)

WordPress Plugin Titan Framework Cross-Site Scripting (1.7.5)

MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-4098)

Severity

Medium

Classification

CVE-2004-2031

Tags

Missing Update Known Vulnerabilities