Xenforo: >> Xenforo >> 2.2.9 Security Vulnerabilities
Xenforo before 2.2.16 allows code injection.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-06-16
XenForo before 2.2.14 allows Directory Traversal (with write access) by an authenticated user who has permissions to administer styles, and uses a ZIP archive for Styles Import.
CVSS Score
8.1
EPSS Score
0.003
Published
2024-02-29
Page 2