RSS   Vulnerabilities for 'Online discussion forum'   RSS

2021-04-19
 
CVE-2020-28141

CWE-79
 

 
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.

 


Copyright 2024, cxsecurity.com

 

Back to Top