{"id":"CVE-2018-16381","details":"e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.","modified":"2026-07-08T17:18:08.371514Z","published":"2018-09-05T21:29:03.593Z","references":[{"type":"EVIDENCE","url":"https://github.com/dhananjay-bajaj/E107-v2.1.8-XSS-POC"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/e107inc/e107","events":[{"introduced":"4264dc6f66b006e588f8882b44fa466bf07b7d47"},{"last_affected":"4264dc6f66b006e588f8882b44fa466bf07b7d47"}],"database_specific":{"extracted_events":[{"introduced":"2.1.8"},{"last_affected":"2.1.8"}],"cpe":"cpe:2.3:a:e107:e107:2.1.8:*:*:*:*:*:*:*","source":"CPE_STRING"}}],"versions":["2.1.8","v2.1.8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16381.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}