Medium severity5.4NVD Advisory· Published May 29, 2026· Updated Jun 10, 2026
CVE-2018-25384
CVE-2018-25384
Description
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the reply_text parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users' browsers when viewing forum replies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.20
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.