Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mm_forum
(Mm_forum_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-07-07 | CVE-2020-15516 | The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF. | Mm_forum | 5.4 | ||
| 2014-10-03 | CVE-2014-6299 | Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors. | Mm_forum | N/A | ||
| 2014-10-03 | CVE-2014-6298 | Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors. | Mm_forum | N/A | ||
| 2014-10-03 | CVE-2014-6297 | Cross-site scripting (XSS) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Mm_forum | N/A |