Vulnerabilities > Nodebb > Nodebb > 2.8.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-29 | CVE-2023-30591 | Improper Check for Unusual or Exceptional Conditions vulnerability in Nodebb Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively. | 7.5 |
2023-07-25 | CVE-2023-2850 | Origin Validation Error vulnerability in Nodebb NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. | 4.7 |
2023-07-24 | CVE-2023-26045 | Path Traversal vulnerability in Nodebb NodeBB is Node.js based forum software. | 9.8 |