CVE-2022-50905— e107 CMS v3.2.1 - Reflected XSS via Comment Flow

e107 CMS v3.2.1 - Reflected XSS via Comment Flow

e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code through the URL parameter that gets executed when users click outside the comment field after typing content. The second vulnerability involves an upload restriction bypass for authenticated administrators, allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature. This results in stored XSS when the uploaded SVG files are accessed. These vulnerabilities were discovered by Hubert Wojciechowski and affect the news.php and image.php components of the CMS.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

e107 跨站脚本漏洞

e107是E107团队的一套开源、免费且基于PHP和MySQL的内容管理系统（CMS）。该系统支持多种插件和外观主题，可作为个人博客、讨论社区、档案资料库等。 e107 3.2.1版本存在跨站脚本漏洞，该漏洞源于news.php和image.php组件存在跨站脚本攻击和上传限制绕过，可能导致反射型跨站脚本和存储型跨站脚本攻击。

N/A

N/A