VYPR
Medium severity5.4NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026

CVE-2017-1000160

CVE-2017-1000160

Description

EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection

Affected products

2
  • cpe:2.3:a:expressionengine:expressionengine:3.4.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:expressionengine:expressionengine:3.4.2:*:*:*:*:*:*:*
    • (no CPE)range: <3.4.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.