Mm Forum@1.8.1 Security Vulnerabilities and Issues — Mm Forum@1.8.1 CVE List

Lucene search

Mm Forum ProjectMm Forum1.8.1

3 matches found

CVE•added 2014/10/03 2:55 p.m.•38 views

CVE-2014-6299

Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors.

6.8CVSS7.3AI score0.00116EPSS

CVE•added 2014/10/03 2:55 p.m.•33 views

CVE-2014-6297

Cross-site scripting (XSS) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2014/10/03 2:55 p.m.•30 views

CVE-2014-6298

Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.

7.5CVSS8AI score0.0188EPSS