2025-04-18 00:00:00
mitre
PUBLISHED
Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator.