VYPR
Unrated severity · NVD Advisory · Published Apr 20, 2010 · Updated Apr 29, 2026

CVE-2010-0997

Description

Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cross-site scripting in e107 Content Management plugin allows authenticated users to inject arbitrary web script via content_heading parameter.

Vulnerability

The Content Management plugin in e107 before version 0.7.20 contains a cross-site scripting (XSS) vulnerability in the file 107_plugins/content/content_manager.php. The vulnerability is triggered when the personal content manager is enabled and an authenticated user supplies a crafted content_heading parameter. The affected versions are all e107 releases prior to 0.7.20 [1][2].

Exploitation

An attacker must be an authenticated user with access to the personal content manager. The attacker can inject arbitrary web script or HTML into the content_heading parameter. The attack is user-assisted, meaning that the victim must view the manipulated content (e.g., by visiting a page or clicking a link) for the script to execute [1].

Impact

Successful exploitation allows the attacker to execute arbitrary script or HTML in the context of the victim's browser. This can lead to session hijacking, defacement, or other client-side attacks. The attacker gains the ability to impersonate the victim or steal sensitive information [1].

Mitigation

The vulnerability is fixed in e107 version 0.7.20; users should upgrade to this version or later [2]. If upgrading is not immediately possible, disable the personal content manager feature to mitigate the risk [1].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
