Reflected Cross-Site Scripting (XSS) in e107
High-Tech Bridge Security Research Lab discovered vulnerability in e107, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Reflected Cross-Site Scripting XSS in e107: CVE-2014-4734 The vulnerability exists due to insufficient sanitization of "type" HTTP GET parameter passed to...