Vulnerabilities > Nodebb > Nodebb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2015-9286 | Cross-site Scripting vulnerability in Nodebb Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS. | 4.3 |
| 2017-09-21 | CVE-2015-3296 | Cross-site Scripting vulnerability in Nodebb Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs. | 4.3 |