CVE-2022-50905
Unknown Unknown - Not Provided
Multiple XSS Vulnerabilities in e107 CMS 3.2.1 Components

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code through the URL parameter that gets executed when users click outside the comment field after typing content. The second vulnerability involves an upload restriction bypass for authenticated administrators, allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature. This results in stored XSS when the uploaded SVG files are accessed. These vulnerabilities were discovered by Hubert Wojciechowski and affect the news.php and image.php components of the CMS.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50905
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
e107 e107 3.2.1
e107 e107 2.3.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2022-50905 in e107 CMS version 3.2.1 involves multiple security issues: 1) Reflected Cross-Site Scripting (XSS) in the news comment functionality where authenticated users can inject malicious JavaScript via a URL parameter that executes when interacting with the comment form. 2) Upload restriction bypass for authenticated administrators allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature, resulting in stored XSS when these files are accessed. Additionally, authenticated admins can upload and execute arbitrary PHP files and overwrite critical server files via directory traversal in the upload feature, leading to remote code execution and full server compromise. These vulnerabilities arise from insufficient input validation and improper file upload handling. [1, 4]

Impact Analysis

This vulnerability can lead to several severe impacts: attackers can execute arbitrary JavaScript code in users' browsers via reflected and stored XSS, potentially stealing session data or performing actions on behalf of users. Authenticated administrators can exploit upload bypasses to upload malicious SVG or PHP files, enabling remote code execution on the server, overwriting critical files, and fully compromising the web application and underlying server. This can result in data theft, defacement, unauthorized access, and persistent compromise of the affected system. [1, 4]

Detection Guidance

Detection can involve monitoring for unusual GET or POST requests targeting the news comment form or media manager upload endpoints. For example, inspecting HTTP requests for URL parameters containing JavaScript event handlers (e.g., 'onchange') in comment submissions or POST requests uploading SVG or PHP files via the media manager. Commands such as using curl or wget to simulate these requests can help verify vulnerability presence. For instance, a GET request injecting 'onchange=alert(1)' in the comment form URL or a POST request uploading an SVG file to the image upload endpoint. Additionally, scanning web server logs for suspicious file uploads or directory traversal patterns (e.g., '../../../') in upload captions can help detect exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include restricting authenticated user permissions to prevent unauthorized comment submissions and file uploads, especially limiting administrator access. Disable or restrict the media manager's remote URL upload feature to prevent upload of SVG or PHP files. Implement input validation and sanitization on URL parameters and uploaded files to block malicious scripts and directory traversal sequences. Additionally, monitor and audit file uploads and web server logs for suspicious activity. Applying patches or updates from the vendor addressing these vulnerabilities is also critical once available. [1, 4]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50905. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart