Carbon Forum
Approved changes feed: RSS · Atom
cpe:2.3:a:94cb:carbon_forum:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | 94Cb (4731ec6a-c4eb-5f37-8a1a-05df2cea7265) |
|---|---|
| Product | Carbon Forum (af13a488-e56f-53f4-a8fe-cdfb5229ae1f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-58344 |
vulnerable | 2026-06-03 14:57:51.407726 |
Carbon Forum 5.9.0 Persistent XSS via Forum Name Field
MEDIUM (6.4)
Carbon Forum 5.9.0 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript code through the Forum Name field in dashboard settings. Attackers with admin privileges can store JavaScript payloads in the Forum Name field that execute in the browsers of all users visiting the forum, enabling session hijacking and data theft.
Published: 2026-04-22T14:57:06.069Z
Updated: 2026-05-24T01:37:43.287Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.