CVE-2020-25876

Name of the Vulnerable Software and Affected Versions: Codoforum version 5.0.2

Description: A stored cross site scripting (XSS) issue in the 'Pages' feature allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Page Title parameter.

Recommendations: For Codoforum version 5.0.2, consider disabling the 'Pages' feature until a patch is available to prevent exploitation. Restrict access to the Page Title parameter to minimize the risk of arbitrary web script execution. At the moment, there is no information about a newer version that contains a fix for this issue.