Vulnerabilities

CVE-2026-35054

by Fred · 01/04/2026

XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS) related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content.

More information : https://www.vulncheck.com/advisories/xenforo-stored-cross-site-scripting-via-bb-code-rendering

Similar

Tags: Cybersecurity Alert