j5oh

1 exploit Active since Apr 2021
CVE-2020-28141 EXPLOITDB MEDIUM text WORKING POC
Online Discussion Forum 1.0 - Authenticated Stored Cross-Site Scripting in Message Body
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.
CVSS 5.4