XenForo · XenForo · CVE-2026-35057
Name of the Vulnerable Software and Affected Versions
XenForo versions prior to 2.3.10 and prior to 2.2.19
Description
XenForo is susceptible to stored cross-site scripting (XSS) within structured text mentions, primarily impacting legacy profile post content. An attacker can inject malicious scripts through crafted mentions. The scripts are stored with the content and execute in the browser of any other user who views it.
Recommendations
Update to XenForo version 2.3.10 or later.
Update to XenForo version 2.2.19 or later.