Full Disclosure

Reflecting XSS vulnerability in CMS e107 v. 1.0.4

Leave a comment

Posted by Steffen Rösemann on Jan 09

Advisory: Reflecting XSS vulnerability in CMS e107 v. 1.0.4
Advisory ID: SROEADV-2014-05
Author: Steffen Rösemann
Affected Software: CMS e107 v. 1.0.4
Vendor URL: http://e107.org
Vendor Status: did not respond to issue
CVE-ID: –

==========================
Vulnerability Description:
==========================

The CMS e107 v. 1.0.4 has a reflecting XSS vulnerability in its
administrative backend which can be exploited by bypassing an XSS filter….

Leave a Reply