Nugmubs

**Name of the Vulnerable Software and Affected Versions** Chronoforeum version 2.0.11 **Description** The issue allows for Stored XSS vulnerabilities when a crafted payload is inserted into a post. If any user views the post, the inserted XSS code is executed. **Recommendations** For Chronoforeum version 2.0.11, consider disabling the post insertion feature until a patch is available to prevent the execution of malicious XSS code. Restrict access to posts that may contain crafted payloads to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.