Opensource-Socialnetwork: >> Open Source Social Network Security Vulnerabilities
OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-05
Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter param` at endpoint u/administrator/friends.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-11-03
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.
CVSS Score
5.9
EPSS Score
0.061
Published
2020-03-30