Vulnerabilities > Nodebb

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-29	CVE-2023-30591	Improper Check for Unusual or Exceptional Conditions vulnerability in Nodebb Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively. network low complexity nodebb CWE-754	7.5
2023-09-27	CVE-2023-43187	XML Injection (aka Blind XPath Injection) vulnerability in Nodebb A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests. network low complexity nodebb CWE-91 critical	9.8
2023-07-25	CVE-2023-2850	Origin Validation Error vulnerability in Nodebb NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. network low complexity nodebb CWE-346	4.7
2023-07-24	CVE-2023-26045	Unspecified vulnerability in Nodebb NodeBB is Node.js based forum software. network low complexity nodebb critical	9.8
2022-12-05	CVE-2022-46164	Unspecified vulnerability in Nodebb NodeBB is an open source Node.js based forum software. network low complexity nodebb critical	9.8
2022-11-13	CVE-2022-3978	Cross-Site Request Forgery (CSRF) vulnerability in Nodebb A vulnerability, which was classified as problematic, was found in NodeBB up to 2.5.7. network low complexity nodebb CWE-352	4.3
2022-09-02	CVE-2022-36076	Unspecified vulnerability in Nodebb NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. network high complexity nodebb	7.5
2022-08-31	CVE-2022-36045	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Nodebb NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. network low complexity nodebb CWE-338 critical	9.8
2021-11-29	CVE-2021-43786	Unspecified vulnerability in Nodebb Nodebb is an open source Node.js based forum software. network low complexity nodebb	7.5
2021-11-29	CVE-2021-43787	Unspecified vulnerability in Nodebb Nodebb is an open source Node.js based forum software. network low complexity nodebb	6.1

Vulnerabilities > Nodebb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nodebb"}]}

Vulnerabilities > Nodebb