Vulnerabilities > Kunena > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-16 | CVE-2019-15120 | Cross-site Scripting vulnerability in Kunena The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. | 5.4 |
| 2017-03-22 | CVE-2017-5673 | Cross-site Scripting vulnerability in Kunena 5.0.2/5.0.3/5.0.4 In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. | 6.1 |