6 matches found
CVE-2026-35057
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting XSS in structured text mentions, primarily affecting legacy profile post content. An attacker can inject malicious scripts through crafted mentions that are stored and executed when other users view the content...
CVE-2026-35057 XenForo Stored Cross-Site Scripting via Structured Text Mentions
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting XSS in structured text mentions, primarily affecting legacy profile post content. An attacker can inject malicious scripts through crafted mentions that are stored and executed when other users view the content...
CVE-2026-35057
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting XSS in structured text mentions, primarily affecting legacy profile post content. An attacker can inject malicious scripts through crafted mentions that are stored and executed when other users view the content...
CVE-2026-35057
XenForo is affected in versions prior to 2.3.10 and prior to 2.2.19. The vulnerability is a stored XSS in structured text mentions, primarily impacting legacy profile post content. An attacker can inject malicious scripts via crafted mentions that are stored and executed when other users view the...
CVE-2026-35057 XenForo Stored Cross-Site Scripting via Structured Text Mentions
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting XSS in structured text mentions, primarily affecting legacy profile post content. An attacker can inject malicious scripts through crafted mentions that are stored and executed when other users view the content...
PT-2026-29432
XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting XSS in structured text mentions, primarily affecting legacy profile post content. An attacker can inject malicious scripts through crafted mentions that are stored and executed when other users view the content...