Vulnerabilidades en NodeBB

10 resultados

CVE-2022-46164CRITICALAccount takeover via prototype vulnerabilityEPSS 49.0%CVE-2021-43788MEDIUMPath traversal in translator module of NobeBBEPSS 25.8%CVE-2020-15149CRITICALAccount takeover in NodeBBEPSS 2.4%CVE-2021-43786CRITICALAPI token verification can be bypassedEPSS 2.3%CVE-2021-43787CRITICALXSS via prototype pollutionEPSS 1.3%CVE-2022-36045CRITICALAccount takeover via cryptographically weak PRNG in NodeBB ForumEPSS 1.0%CVE-2023-26045CRITICALNodeBB vulnerable to path traversal and code execution via prototype vulnerabilityEPSS 0.8%CVE-2021-47746HIGHNodeBB Plugin Emoji 3.2.1 - Arbitrary File WriteEPSS 0.7%CVE-2022-36076HIGHAccount takeover via SSO plugins in NodeBBEPSS 0.4%CVE-2023-2850MEDIUMNodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vEPSS 0.3%