First published: Mon Apr 24 2017(Updated: )
e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
E107 E107 | =2.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.