Vulnerabilities > Kunena
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-25 | CVE-2016-11020 | Unrestricted Upload of File with Dangerous Type vulnerability in Kunena Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. | 9.8 |
2019-08-16 | CVE-2019-15120 | Cross-site Scripting vulnerability in Kunena The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. | 5.4 |
2017-03-22 | CVE-2017-5673 | Cross-site Scripting vulnerability in Kunena 5.0.2/5.0.3/5.0.4 In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. | 6.1 |