Beetl-Bbs Project: Security Vulnerabilities
Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the /index keyword parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-01-23
A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-01-16
A vulnerability was found in xiandafu beetl-bbs. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file WebUtils.java. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215107.
CVSS Score
3.5
EPSS Score
0.001
Published
2022-12-08