Total vulnerabilities in the database
Cross-site scripting (XSS) vulnerability in login.php in Jamroom 3.0.16 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the forgot parameter in the forgot mode.
| Software | From | Fixed in |
|---|---|---|
| jamroom / jamroom | 3.0.16 | 3.0.16.x |