PT-2021-11448 · Unknown · Online Discussion Forum

J5Oh · Published 2021-04-19 · Updated 2021-04-23 · CVE-2020-28141

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Online Discussion Forum version 1.0
Description: The messaging subsystem is susceptible to a cross-site scripting (XSS) issue in the message body, allowing an authenticated user to send messages containing JavaScript code that executes when the recipient views the messages page.
Recommendations: For Online Discussion Forum version 1.0, consider disabling the messaging subsystem until a patch is available to prevent potential XSS attacks. Restrict access to the message body feature to minimize the risk of exploitation. Avoid allowing users to include JavaScript code in messages until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2020-28141

Affected Products

Online Discussion Forum