[EN] Reflected XSS in latest e107 CMS (1.0.1)

Hi ;)

Some one asked me about this case in mail, so here is the answer:


1. Go to 'register' page:

2. As Your e-mail confirmation, add yourm@il +  code from screen nr 3:

3. View from Burp Proxy:

4. ... and another one, parameters:

Cheers ;)

o/