Lucene search

K

MitreCVELIST:CVE-2016-11020

HistoryFeb 24, 2020 - 5:04 p.m.

CVE-2016-11020

2020-02-2417:04:35

mitre

www.cve.org

9.6 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.

References

github.com/Kunena/Kunena-Forum/pull/5028

www.kunena.org/blog/179-kunena-5-0-4-released

www.kunena.org/bugs/changelog

9.6 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

Related for CVELIST:CVE-2016-11020

prion1 nvd1 cve1 osv1