Codologic: >> Codoforum >> 5.0.2 Security Vulnerabilities
A stored cross site scripting (XSS) vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-09
A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-09
A stored cross site scripting (XSS) vulnerability in the 'Manage Users' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Username' parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-09