VYPR

Nodebb Plugin Emoji

by NodeBB

Source repositories

CVEs (1)

  • CVE-2021-47746HigJan 21, 2026
    risk 0.49cvss 7.5epss 0.01

    NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite…