Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:37 a.m.6 views

CVE-2023-26045

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

10CVSS6.8AI score0.00834EPSS
Exploits0References1
NVD
NVD
added 2023/07/24 10:15 p.m.39 views

CVE-2023-26045

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

10CVSS9.2AI score0.00834EPSS
Exploits0References3
CVE
CVE
added 2023/07/24 9:8 p.m.75 views

CVE-2023-26045

CVE-2023-26045 affects NodeBB up to 2.8.7, where a path traversal in the user export path (due to object destructuring) could be triggered by a specially crafted payload to arbitrarily execute local JavaScript. Affected range: 2.5.0 through

10CVSS9.2AI score0.00834EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/07/24 9:8 p.m.56 views

CVE-2023-26045 NodeBB vulnerable to path traversal and code execution via prototype vulnerability

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

10CVSS9.4AI score0.00834EPSS
Exploits0References3
Rows per page
Query Builder