CVE-2021-28968

Publication date

2021-03-22 15:10:07

Family

mitre

State

PUBLISHED

Description

An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.