Description

Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.

Remediation

References

CVE-2004-2031

Related Vulnerabilities

Envoy Proxy CVE-2023-27487 Vulnerability (CVE-2023-27487)

WordPress Plugin WP User Groups Cross-Site Request Forgery (2.0.0)

Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2013-0340)

WordPress Plugin WP Support Plus Responsive Ticket System PHP Object Injection (9.0.3)

WordPress Plugin WordPress Popular Posts TimThumb Arbitrary File Upload (2.1.4)

Severity

Medium

Classification

CVE-2004-2031

Tags

Missing Update Known Vulnerabilities