6.1CVSS
6.2AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.006EPSS
Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function.
6.1CVSS
6.2AI Score
0.001EPSS
An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.
5.3CVSS
5.2AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.
6.1CVSS
5.9AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter.
6.1CVSS
5.9AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.
6.1CVSS
5.9AI Score
0.001EPSS