3 matches found
CVE-2022-50905 e107 CMS v3.2.1 - Reflected XSS via Comment Flow
e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting XSS attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code...
Cross site scripting
Cross-site scripting XSS vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field...
CVE-2007-0763
Cross-site scripting XSS vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field...