Vulnerabilities > Kunena

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-25	CVE-2016-11020	Unrestricted Upload of File with Dangerous Type vulnerability in Kunena Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. network low complexity kunena CWE-434 critical	9.8
2019-08-16	CVE-2019-15120	Cross-site Scripting vulnerability in Kunena The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. network low complexity kunena CWE-79	5.4
2017-03-22	CVE-2017-5673	Cross-site Scripting vulnerability in Kunena 5.0.2/5.0.3/5.0.4 In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. network low complexity kunena CWE-79	6.1

Vulnerabilities > Kunena {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Kunena"}]}