CVE

CVE-2016-11020

CVE-2016-11020

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS.

Source: CVE-2016-11020

Exit mobile version