Submit #511999: SimpleMachines SMF 2.1.4 Cross Site Scriptinginfo

TitleSimpleMachines SMF 2.1.4 Cross Site Scripting
DescriptionSMF v2.1.4 suffers from Stored Cross-Site Scripting (XSS) Vulnerability in the 'notice' parameter of the 'ManageAttachments.php' script. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users.
Source⚠️ https://github.com/Fewword/Poc/blob/main/smf/smf-poc3.md
User
 Fewwords (UID 42682)
Submission03/01/2025 09:00 (1 Year ago)
Moderation03/20/2025 23:59 (20 days later)
StatusAccepted
VulDB entry300542 [SimpleMachines SMF 2.1.4 ManageAttachments.php Notice cross site scripting]
Points16

Do you want to use VulDB in your project?

Use the official API to access entries easily!