Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST...
9.6CVSS
9.7AI Score
0.003EPSS
Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to...
5.4CVSS
5.2AI Score
0.001EPSS
Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the product and...
5.3CVSS
5.3AI Score
0.002EPSS
An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf...
6.1CVSS
6.2AI Score
0.001EPSS