Medium severity5.4NVD Advisory· Published Nov 17, 2017· Updated May 13, 2026
CVE-2017-1000160
CVE-2017-1000160
Description
EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection
Affected products
1- cpe:2.3:a:expressionengine:expressionengine:3.4.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- docs.expressionengine.com/latest/about/changelog.htmlnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.