CVE-2015-9286
NONE EPSS 68.2%
Published Apr 30, 20197y ago ยท Modified Jun 17, 20262w ago
Published Apr 30, 2019 7y ago
Last Modified Jun 17, 2026 2w ago
Description
Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.
Threat Intelligence
EPSS Exploit Probability
68.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| nodebb | nodebb | * | <0.7.3 |
References 4
- github.com https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529
- github.com https://github.com/NodeBB/NodeBB/pull/3371
- vulners.com https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625
- vulnerability-lab.com https://www.vulnerability-lab.com/get_content.php?id=1608
Remediation
- github.com https://github.com/NodeBB/NodeBB/pull/3371