Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.
Name | Vendor | Start Version | End Version |
---|---|---|---|
E107 | E107 | 0.545 (including) | 0.545 (including) |
E107 | E107 | 0.554 (including) | 0.554 (including) |
E107 | E107 | 0.555_beta (including) | 0.555_beta (including) |
E107 | E107 | 0.603 (including) | 0.603 (including) |
E107 | E107 | 0.610 (including) | 0.610 (including) |
E107 | E107 | 0.611 (including) | 0.611 (including) |
E107 | E107 | 0.612 (including) | 0.612 (including) |
E107 | E107 | 0.613 (including) | 0.613 (including) |
E107 | E107 | 0.614 (including) | 0.614 (including) |
E107 | E107 | 0.615 (including) | 0.615 (including) |
E107 | E107 | 0.615a (including) | 0.615a (including) |