XenForo version 2.1.0 Patch 2 suffers from a cross site scripting vulnerability.
dc51a83e717b75116c25528d1b3a8342dafcd2220bbfe77a7e2298e2a0ad11cf
XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.
141922e324fd21737d323eaed2f53c7bc972900273dfc3e19ea72c0648544233
XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.
a2e0e2c93fd20ac00f325a1d77c282bae74c903affae30dd55518d5333641874
XenForo versions 2.2.13 and below suffer from a zip slip filename traversal vulnerability in ArchiveImport.php.
5deccbdac2cfe207ec995833b611569397b53b3acedb61fbd211edfe7bb16b0d
Xenforo version 2.2.13 suffers from a persistent cross site scripting vulnerability.
f5d2f804109cb0eeef8387c640405b6f7f8dc548ab7656e5c0750cbeed8641d3
XenForo version 1.5.x suffers from an open redirection vulnerability.
a1e34dcecf3fa712d1c607b0dca3eeac67ca23a691c0a4b10be7e5366e44ea07
XenForo version 1.5.x with Advanced Application Forms version 1.2.2 suffers from an open redirection vulnerability.
9d471f1526090cd7aabd3ae46fb97ad20e961ea13a17944a14a73ee07f568c69
XenForo 2 suffers from a CSS loader denial of service vulnerability.
f08a899f612b499b3a9aa1796d8fbaa32aad423a4aeac9610cc59c1f5b5c6e17
Xenforo Forum CMS version 1.5.13 suffers from a persistent cross site scripting vulnerability.
04a95493c65f2b52a034c87996556426ca17319df8588bae58b311116569aafc
XenForo ToggleME version 3.1.2 suffers from multiple cross site scripting vulnerabilities.
2ec81da933635f268cac0c59dd5efa9ad0c1541a95dcd28dee6c054aedd2362e
XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.
7c3a37ee9ac8d2b769a495f772ba61c0683b07b2341e2500844b324ffac74676
XenForo versions 1.4.9 and below suffer from a cross site scripting vulnerability.
5d38872663e90c1322bb0e4199d9762f1f981af682bd046d78e6ef57fd238678
Tapatalk plugin for vBulletin and Xenforo suffers from an open redirection vulnerability.
1102d8cadc59d011cd1380605c006eff6ef1b237843b1ff925e90e30e3fd7793