Medium severity6.5OSV Advisory· Published Apr 24, 2017· Updated Jun 17, 2026
CVE-2017-8098
CVE-2017-8098
Description
e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- seclists.org/fulldisclosure/2017/Apr/40nvdPatchThird Party AdvisoryVDB Entry
- github.com/e107inc/e107/commit/7a3e3d9fc7e05ce6941b9af1c14010bf2141f1a5nvdPatchThird Party Advisory
News mentions
0No linked articles in our index yet.