Vulnerabilities > Nodebb

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-29	CVE-2021-43788	Unspecified vulnerability in Nodebb Nodebb is an open source Node.js based forum software. network low complexity nodebb	5.0
2020-08-26	CVE-2020-15156	Unspecified vulnerability in Nodebb Blog Comments In nodebb-plugin-blog-comments before version 0.7.0, a logged in user is vulnerable to an XSS attack which could allow a third party to post on their behalf on the forum. network low complexity nodebb	8.1
2020-08-20	CVE-2020-15149	Improper Authentication vulnerability in Nodebb NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. network low complexity nodebb CWE-287 critical	9.9
2019-04-30	CVE-2015-9286	Cross-site Scripting vulnerability in Nodebb Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS. network low complexity nodebb CWE-79	6.1
2017-09-21	CVE-2015-3296	Cross-site Scripting vulnerability in Nodebb Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs. network low complexity nodebb CWE-79	6.1

Vulnerabilities > Nodebb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nodebb"}]}