← Back to CVE List
CVE-2016-11020
Published:
2020-02-25T19:15Z
Last Modified:
2024-11-21T02:45Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt