Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Codoforum
NVD
Exploit-DB
CVSS 3.1
4.8
EPSS
1.1%
Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Codoforum
NVD
CVSS 3.1
4.8
EPSS
0.6%