// For flags

CVE-2010-0997

 

Severity Score

3.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter.

Vulnerabilidad de secuencias de comandos en sitios cruzados en 107_plugins/content/content_manager.php en el complemento -plugin- Content Management de e107 anterior a v0.7.20, cuando el gestor de contenido personal está habilitado, permite a usuarios autenticados en remoto asistidos por usuarios locales inyectar secuencias de comandos Web o HTML mediante el parámetro content_heading.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-03-18 CVE Reserved
  • 2010-04-19 CVE Published
  • 2024-06-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
<= 0.7.19
Search vendor "E107" for product "E107" and version " <= 0.7.19"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.0
Search vendor "E107" for product "E107" and version "0.7.0"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.1
Search vendor "E107" for product "E107" and version "0.7.1"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.2
Search vendor "E107" for product "E107" and version "0.7.2"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.3
Search vendor "E107" for product "E107" and version "0.7.3"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.4
Search vendor "E107" for product "E107" and version "0.7.4"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.5
Search vendor "E107" for product "E107" and version "0.7.5"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.6
Search vendor "E107" for product "E107" and version "0.7.6"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.7
Search vendor "E107" for product "E107" and version "0.7.7"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.8
Search vendor "E107" for product "E107" and version "0.7.8"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.9
Search vendor "E107" for product "E107" and version "0.7.9"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.10
Search vendor "E107" for product "E107" and version "0.7.10"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.11
Search vendor "E107" for product "E107" and version "0.7.11"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.12
Search vendor "E107" for product "E107" and version "0.7.12"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.13
Search vendor "E107" for product "E107" and version "0.7.13"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.14
Search vendor "E107" for product "E107" and version "0.7.14"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.15
Search vendor "E107" for product "E107" and version "0.7.15"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.16
Search vendor "E107" for product "E107" and version "0.7.16"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.17
Search vendor "E107" for product "E107" and version "0.7.17"
-
Affected
E107
Search vendor "E107"
E107
Search vendor "E107" for product "E107"
0.7.18
Search vendor "E107" for product "E107" and version "0.7.18"
-
Affected