Back to search
CVE-2009-3444
Published: Sep 28, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header in a news.1 (aka news to email) action.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
36832
third-party-advisory
x_refsource_SECUNIA
http://websecurity.com.ua/3528
x_refsource_MISC
58363
vdb-entry
x_refsource_OSVDB
36517
vdb-entry
x_refsource_BID
1022947
vdb-entry
x_refsource_SECTRACK
20090924 Cross-Site Scripting vulnerability in E107
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now