Описание
Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS.
Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS.
EPSS
Процентиль: 87%
0.03391
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.
EPSS
Процентиль: 87%
0.03391
Низкий