e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-04-24T18:00:00Z
Updated: 2024-09-16T18:09:07.299Z
Reserved: 2017-04-24T00:00:00Z
Link: CVE-2017-8098
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-04-24T18:59:00.663
Modified: 2024-11-21T03:33:18.993
Link: CVE-2017-8098
Redhat
No data.