CVE-2015-1057

2015-01-1615:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

JSON

Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the “Real Name” value.

References

osvdb.org/show/osvdb/116692

www.exploit-db.com/exploits/35679

exchange.xforce.ibmcloud.com/vulnerabilities/99627