Page 2 of 8 results (0.013 seconds)

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen. Codoforum versión 4.8.3, permite un ataque de tipo XSS en el panel de administración por medio de una categoría en la pantalla Manage Users. • http://codologic.com/forum/index.php?u=/category/news-and-announcements https://vyshnavvizz.blogspot.com/2020/01/persistent-cross-site-scripting-admin.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 2

Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content. Codoforum versión 4.8.3, permite un ataque de tipo XSS por medio de una publicación utilizando los parámetros display name, title name, o content. • http://codologic.com/forum/index.php?u=/category/news-and-announcements https://vyshnavvizz.blogspot.com/2020/01/stored-cross-site-scripting-in.html https://www.exploit-db.com/exploits/47886 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen. Codoforum versión 4.8.3, permite un ataque de tipo XSS en el panel de administración por medio de un campo de nombre de un nuevo usuario, es decir, en la pantalla Manage Users. • http://codologic.com/forum/index.php?u=/category/news-and-announcements https://vyshnavvizz.blogspot.com/2020/01/stored-cross-site-scripting-in_2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •