| CVE-2015-3296 |
medium |
6.1 |
6.1 |
|
|
|
9y ago |
NodeBB Cross-site Scripting Vulnerability in Markdown Processing |
| CVE-2025-50979 |
unknown |
— |
— |
|
|
|
9mo ago |
NodeBB SQL Injection vulnerability |
| CVE-2024-57041 |
unknown |
— |
— |
|
|
|
1y ago |
NodeBB Cross-site scripting (XSS) vulnerability |
| CVE-2024-29316 |
unknown |
— |
— |
|
|
|
2y ago |
Incorrect Access Control in NodeBB |
| CVE-2023-2850 |
unknown |
— |
— |
|
|
|
3y ago |
Unintentional leakage of private information via cross-origin websocket session hijacking |
| CVE-2023-26045 |
unknown |
— |
— |
|
|
|
3y ago |
Path traversal and code execution via prototype vulnerability |
| CVE-2022-46164 |
unknown |
— |
— |
|
|
|
4y ago |
NodeBB vulnerable to account takeover via prototype vulnerability |
| CVE-2022-3978 |
unknown |
— |
— |
|
|
|
4y ago |
NodeBB vulnerable to Cross-Site Request Forgery |
| CVE-2022-36076 |
unknown |
— |
— |
|
|
|
4y ago |
NodeBB account takeover via SSO plugins |
| CVE-2022-36045 |
unknown |
— |
— |
|
|
|
4y ago |
Cryptographically weak PRNG in `utils.generateUUID` |
| CVE-2021-43786 |
unknown |
— |
— |
|
|
|
5y ago |
API token verification can be bypassed in NodeBB |
| CVE-2021-43787 |
unknown |
— |
— |
|
|
|
5y ago |
XSS via prototype pollution in NodeBB |
| CVE-2021-43788 |
unknown |
— |
— |
|
|
|
5y ago |
NodeBB vulnerable to path traversal in translator module |
| CVE-2015-9286 |
unknown |
— |
— |
|
|
|
7y ago |
Cross-site Scripting in NodeBB |