PT-2025-21350 · Fluxbb · Fluxbb
Published
2025-05-15
·
Updated
2025-06-12
·
CVE-2025-44110
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
FluxBB version 1.5.11
Description
The issue is related to Cross Site Scripting (XSS) via the Forum Description Field in admin forums.php. This allows for potential malicious script execution. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.
Recommendations
For FluxBB version 1.5.11, update to a version that fixes the Cross Site Scripting (XSS) issue in the Forum Description Field in admin forums.php. As a temporary workaround, consider restricting access to the admin forums.php page to minimize the risk of exploitation. Avoid using the Forum Description Field until the issue is resolved.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fluxbb