CVE-2013-2750

Name of the Vulnerable Software and Affected Versions e107 versions prior to 1.0.3

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the query string. This is due to a vulnerability in the content preset.php file within the e107 plugins/content/handlers directory.

Recommendations For versions prior to 1.0.3, update to version 1.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the content preset.php file to minimize the risk of exploitation.