flarum Summary
Latest vulnerabilities published by flarum
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Server-Side Template Injection in FoF Pretty Mail by Friends of Flarum
CVE-2024-58303FlarumFriendsofflarum Pretty...πΎπ‘8.6HIGHLocal File Inclusion Vulnerability in FoF Pretty Mail by Friends of Flarum
CVE-2024-58302FlarumFriendsofflarum Pretty...πΎπ‘6.9MEDIUMSession Hijacking Vulnerability in Flarum Forum Software by Flarum
CVE-2025-27794FlarumFramework6.8MEDIUMFlarum's Logout Route allows open redirects
CVE-2024-21641FlarumFrameworkEPSS 38%6.5MEDIUMServer-Side Request Forgery via Avatar upload in flarum
CVE-2023-40033FlarumFramework7.1HIGHPath Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files in flarum
CVE-2023-27577FlarumFramework6.6MEDIUMFlarum is missing authorization in discussion replies
CVE-2023-22489FlarumFramework3.5LOWMissing authorization in Flarum
CVE-2023-22488FlarumFramework6.8MEDIUMPost mentions can be used to read any post on the forum without access control
CVE-2023-22487FlarumFramework7.7HIGHCross site scripting vulnerability with discussion titles in flarum
CVE-2022-41938FlarumFramework9CRITICALXSS vulnerability with translator
CVE-2021-32671FlarumCore10CRITICALXSS in Flarum Sticky extension.
CVE-2021-21283FlarumSticky5.4MEDIUMCross-Site Request Forgery Vulnerability in Flarum by Flarum
CVE-2019-13183FlarumFlarum8.8HIGHEmail Token Invalidation Flaw in Flarum by Flarum
CVE-2019-11514FlarumFlarum7.5HIGHEmail Disclosure Vulnerability in Flarum Core by Flarum
CVE-2018-19133FlarumFlarum5.3MEDIUM