CVE-2004-2261 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the login name/author field in the (1) news submit or (2) article submit functions.

Affected Software

Name	Vendor	Start Version	End Version
E107	E107	0.545 (including)	0.545 (including)
E107	E107	0.554 (including)	0.554 (including)
E107	E107	0.555_beta (including)	0.555_beta (including)
E107	E107	0.603 (including)	0.603 (including)
E107	E107	0.610 (including)	0.610 (including)
E107	E107	0.611 (including)	0.611 (including)
E107	E107	0.612 (including)	0.612 (including)
E107	E107	0.613 (including)	0.613 (including)
E107	E107	0.614 (including)	0.614 (including)

References

http://secunia.com/advisories/11567
http://securitytracker.com/id?1010084
http://www.osvdb.org/5982
http://www.securityfocus.com/bid/10293
https://exchange.xforce.ibmcloud.com/vulnerabilities/16087
http://secunia.com/advisories/11567
http://securitytracker.com/id?1010084
http://www.osvdb.org/5982
http://www.securityfocus.com/bid/10293
https://exchange.xforce.ibmcloud.com/vulnerabilities/16087

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2261
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html