Mvnforum : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in the listonlineusers (aka "Who's online") component in mvnForum before 1.2.1 GA allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Max CVSS
4.3
EPSS Score
0.28%
Published
2008-12-10
Updated
2018-10-11
Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters.
Max CVSS
2.6
EPSS Score
0.53%
Published
2006-06-27
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter.
Max CVSS
4.3
EPSS Score
0.31%
Published
2005-05-02
Updated
2017-07-11
3 vulnerabilities found