XSS in Xmbforum2 Xmb Forum
CVE-2024-58292
XMB Forum 1.9.12.06 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript into templates and front page settings. Attackers can insert XSS payloads in footer templa…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (27.9th percentile) — read the EPSS interpretation.
Affected products
- Xmbforum2 Xmb Forum — versions 1.9.12.06
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)