CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jforum: >> Jforum >> 2.1.9 Security Vulnerabilities

CVE-2012-5338

Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin action to jforum.page.

CVSS Score

5.8

EPSS Score

0.002

Published

2013-09-23

CVE-2012-5337

Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) match_type, (3) sort_by, or (4) start parameters.

CVSS Score

4.3

EPSS Score

0.004

Published

2013-02-24

Page 1

Vulnerabilities

Vulnerable Software

Jforum: >> Jforum >> 2.1.9 Security Vulnerabilities

Products

Pricing

Contact Us