Vulnerabilities > Jforum

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-16	CVE-2022-26173	Cross-Site Request Forgery (CSRF) vulnerability in Jforum 2.8.0 JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts. network low complexity jforum CWE-352	8.8
2021-09-04	CVE-2021-40509	Cross-site Scripting vulnerability in Jforum 2.7.0 ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature. network low complexity jforum CWE-79	5.4
2019-02-12	CVE-2019-7550	Information Exposure Through an Error Message vulnerability in Jforum 2.1.8 In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using the "create user" function. network low complexity jforum CWE-209	5.3

Vulnerabilities > Jforum {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jforum"}]}