Skip to main content

Askbot

4 CVEs product

Monthly

CVE-2026-1213 PyPI MEDIUM PATCH This Month

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.

Authentication Bypass Askbot
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2015-3169 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Askbot
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2014-2235 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Askbot
NVD VulDB GitHub
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2236 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Askbot
NVD VulDB GitHub
CVSS 2.0
4.3
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.

Authentication Bypass Askbot
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in askbot 0.7.51-4.el6.noarch. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Askbot
NVD
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Askbot
NVD VulDB GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Askbot
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy