Description
chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.
Remediation
References
Related Vulnerabilities
WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1240)
WordPress Plugin Gallery Plugin for WordPress-Envira Photo Gallery Cross-Site Scripting (1.8.3.2)
WordPress Plugin Wp-Insert Cross-Site Scripting (2.5.0)
WordPress Plugin SEOPress, on-site SEO Cross-Site Scripting (5.0.3)