CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28968

An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.5%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2021-28968

Gnu » Punbb » Version: 1.2.22

cpe:2.3:a:gnu:punbb:1.2.22
Gnu » Punbb » Version: 1.2.23

cpe:2.3:a:gnu:punbb:1.2.23
Gnu » Punbb » Version: 1.3.2

cpe:2.3:a:gnu:punbb:1.3.2
Gnu » Punbb » Version: 1.3.3

cpe:2.3:a:gnu:punbb:1.3.3
Gnu » Punbb » Version: 1.3.4

cpe:2.3:a:gnu:punbb:1.3.4
Gnu » Punbb » Version: 1.3.5

cpe:2.3:a:gnu:punbb:1.3.5
Gnu » Punbb » Version: 1.3.6

cpe:2.3:a:gnu:punbb:1.3.6
Gnu » Punbb » Version: 1.4

cpe:2.3:a:gnu:punbb:1.4
Gnu » Punbb » Version: 1.4.1

cpe:2.3:a:gnu:punbb:1.4.1
Gnu » Punbb » Version: 1.4.2

cpe:2.3:a:gnu:punbb:1.4.2
Gnu » Punbb » Version: 1.4.3

cpe:2.3:a:gnu:punbb:1.4.3
Gnu » Punbb » Version: 1.4.4

cpe:2.3:a:gnu:punbb:1.4.4
Gnu » Punbb » Version: 1.4.5

cpe:2.3:a:gnu:punbb:1.4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28968

Products

Pricing

Contact Us