CVE-2019-8279

2019-03-0201:00:00

Kaspersky

www.cve.org

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

31.2%

JSON

Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum.

CNA Affected

[
  {
    "product": "Vanilla Forums",
    "vendor": "Kaspersky Lab",
    "versions": [
      {
        "status": "affected",
        "version": "Before 2.5"
      }
    ]
  }
]

References

scriptinjection.blogspot.com/2019/02/vanilla-forums-25-stored-xss-in-any.html