News and Announcements
Recent Vulnerabilities

Discovered by: Polina Voronina
CVE-2020-7051 [Type: Stored Cross-Site Scripting, Product: Codelogic Codoforum, Version: 4.8.4]
CVE-2020-7050 [Type: DOM-Based Cross-Site Scripting, Product:
Codelogic Codoforum, Version: 4.8.4]

Discovered by: **Polina Voronina** CVE-2020-7051 [Type: Stored Cross-Site Scripting, Product: Codelogic Codoforum, Version: 4.8.4] CVE-2020-7050 [Type: DOM-Based Cross-Site Scripting, Product: Codelogic Codoforum, Version: 4.8.4]
edited Feb 17 at 12:50 pm

Hi @JoelOssi

The SQL injection reported for v4.8.8 doesn't seem to be valid. We have emailed you our investigation.

Thank you.

Hi @JoelOssi The SQL injection reported for v4.8.8 doesn't seem to be valid. We have emailed you our investigation. Thank you.
Necessity is the mother of all inventions!

Alright, thank you for investigating.

I will contact Mitre and inform them the CVE is a false positive.

Alright, thank you for investigating. I will contact Mitre and inform them the CVE is a false positive.

@admin @adesh can you make a backup of your user database, i want to try something, however before i try i need to be sure that you got a backup.

@admin @adesh can you make a backup of your user database, i want to try something, however before i try i need to be sure that you got a backup.
490
4
4
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft