sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags

Releases0

e107 2.3.2 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Copyright and Author field in the Meta & Custom Tags Menu.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43874 ↗	Sep 28, 2023Thursday, 28 September 2023, 14:15	5.4 MEDIUM	—
Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu.