CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Kunena: >> Kunena >> 5.0.4 Security Vulnerabilities

CVE-2019-15120

The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.

CVSS Score

5.4

EPSS Score

0.014

Published

2019-08-16

CVE-2017-5673

In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php, crypsis/layouts/message/item/bottom/default.php, crypsisb3/layouts/message/item/default.php, crypsisb3/layouts/message/item/top/default.php, and crypsisb3/layouts/message/item/bottom/default.php. This is fixed in 5.0.5.

CVSS Score

6.1

EPSS Score

0.002

Published

2017-03-22

Page 1

Vulnerabilities

Vulnerable Software

Kunena: >> Kunena >> 5.0.4 Security Vulnerabilities

Products

Pricing

Contact Us