Vulnerabilities > Jforum > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-04 | CVE-2021-40509 | Cross-site Scripting vulnerability in Jforum 2.7.0 ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature. | 5.4 |
| 2019-02-12 | CVE-2019-7550 | Information Exposure Through an Error Message vulnerability in Jforum 2.1.8 In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using the "create user" function. | 5.3 |