Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2020-21845

Disclosure Date: September 14, 2020 (last updated February 22, 2025)
Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.'
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-5842

Disclosure Date: January 07, 2020 (last updated February 21, 2025)
Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-5843

Disclosure Date: January 07, 2020 (last updated February 21, 2025)
Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-5305

Disclosure Date: January 05, 2020 (last updated February 21, 2025)
Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-5306

Disclosure Date: January 05, 2020 (last updated February 21, 2025)
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0