flarum Framework Vulnerabilities
Flarum Framework vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Session Hijacking Vulnerability in Flarum Forum Software by Flarum
CVE-2025-27794FlarumFramework6.8MEDIUMFlarum's Logout Route allows open redirects
CVE-2024-21641FlarumFrameworkEPSS 32%6.5MEDIUMServer-Side Request Forgery via Avatar upload in flarum
CVE-2023-40033FlarumFramework7.1HIGHPath Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files in flarum
CVE-2023-27577FlarumFramework6.6MEDIUMFlarum is missing authorization in discussion replies
CVE-2023-22489FlarumFramework3.5LOWMissing authorization in Flarum
CVE-2023-22488FlarumFramework6.8MEDIUMPost mentions can be used to read any post on the forum without access control
CVE-2023-22487FlarumFramework7.7HIGHCross site scripting vulnerability with discussion titles in flarum
CVE-2022-41938FlarumFramework9CRITICAL