exploitDog

GHSA-gpg3-h2f7-7hcx

Опубликовано: 18 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database.

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database.

Ссылки

EPSS

Процентиль: 15%

0.00048

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-29512

CVSS3: 6.1

nvd

10 месяцев назад

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database.

EPSS

Процентиль: 15%

0.00048

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79