ChronoForums
by ChronoForums
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-27459 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2020 | Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed. | ||
| CVE-2021-28377 | Med | 0.35 | 5.3 | 0.08 | Jan 12, 2022 | ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. |
- risk 0.40cvss 6.1epss 0.01
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.
- risk 0.35cvss 5.3epss 0.08
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.