CVE-2010-0997

2010-04-20T16:30:00
ID CVE-2010-0997
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:55:00

Description

Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter.