All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-01-27
Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-09-07