Vulnerability Database

296,138

Total vulnerabilities in the database

CVE-2024-57041

A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
Node.js icon nodebb - 3.11.1
nodebb / nodebb 3.11.0 3.11.0.x