5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Cross Site Scripting (XSS) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the BBCode tags in the post content and post comments function.
github.com/friendica/friendica/issues/13884