Lucene search

Vanilla Security Vulnerabilities - 2020

cve

Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.

6.1CVSS

6AI Score

0.001EPSS

2020-02-05 09:15 PM

cve

An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled.

7.5CVSS

7.4AI Score

0.001EPSS

2020-01-22 06:15 PM

cve

An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9.

9.8CVSS

9.3AI Score

0.002EPSS

2020-01-22 06:15 PM

cve

index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.

5.4CVSS

5.3AI Score

0.001EPSS

2020-02-10 12:15 PM