WEB APPLICATION VULNERABILITIES Standard & Premium

Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8279)

Description

Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum.

Remediation

References

Related Vulnerabilities

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0703)

WordPress Plugin Titan Framework Cross-Site Scripting (1.5.2)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3181)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)

Internet Information Services Other Vulnerability (CVE-2000-0770)

Severity

Medium

Classification

CVE-2019-8279 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities