VYPR

Kunena Forum

by Kunena

Source repositories

CVEs (1)

  • CVE-2016-11020CriFeb 25, 2020
    risk 0.57cvss 9.8epss 0.03

    Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.