12 matches found
EUVD-2019-6191
Malware in sbrugna...
EUVD-2017-14750
Malware in sbrugna...
CVE-2019-15120
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode...
CVE-2019-15120
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode...
CVE-2019-15120
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode...
Cross site scripting
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode...
CVE-2019-15120
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode...
PT-2019-13999 · Joomla · Kunena
Name of the Vulnerable Software and Affected Versions: Kunena extension versions prior to 5.1.14 for Joomla! Description: The issue allows for XSS via BBCode, which can be exploited to execute malicious scripts. Recommendations: For versions prior to 5.1.14, update to version 5.1.14 or later to...
CVE-2017-5673
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject aka topic subject accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php, crypsis/layouts/message/item/bottom/default.php,...
CVE-2017-5673
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject aka topic subject accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php, crypsis/layouts/message/item/bottom/default.php,...
Design/Logic Flaw
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject aka topic subject accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default.php, crypsis/layouts/message/item/top/default.php, crypsis/layouts/message/item/bottom/default.php,...
CVE-2017-5673
CVE-2017-5673 pertains to the Kunena forum extension for Joomla!, where the forum message subject (topic subject) accepts JavaScript, enabling cross-site scripting (XSS). Affected are Kunena versions 5.0.2–5.0.4; six template files render the subject and can be leveraged for script injection. The...