Vulnerabilities in UBB.threads software
ID: 6d6dabae-6376-5a4f-87f9-06d84eb180f0
STIX ID: report--6d6dabae-6376-5a4f-87f9-06d84eb180f0
Feed Name: CERT Polska
Threat Score
**CERT Polska coordinated disclosure of six vulnerabilities in UBB Systems' UBB.threads (≤7.7.5)** — multiple issues were reported including stored and reflected XSS (CWE-79), CSRF (CWE-352), blind SQL injection (CWE-89), path traversal potentially enabling remote code execution (CWE-22), and resource-exhaustion DoS (CWE-405); confirmed in version 7.7.5 and reported by Securitum researchers.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
