Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
e107 Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-8098 - Vulnerability Database
e107

e107 Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-8098

Medium
Reference: CVE-2017-8098
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-8098
Title: e107 Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing meta-changing and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker.