CVE-2010-0997

2010-04-20T12:30:00
ID CVE-2010-0997
Type cve
Reporter NVD
Modified 2018-10-10T15:55:16

Description

Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter.