XSS in Xmbforum2 Xmb Forum

CVE-2024-58292

XMB Forum 1.9.12.06 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript into templates and front page settings. Attackers can insert XSS payloads in footer templa…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (27.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References