{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T15:09:29.351","vulnerabilities":[{"cve":{"id":"CVE-2020-25875","sourceIdentifier":"cve@mitre.org","published":"2021-07-09T22:15:08.003","lastModified":"2026-06-17T03:07:25.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross site scripting (XSS) vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross site scripting (XSS) almacenado en la funcionalidad \"Smileys\" de Codoforum versión v5.0.2, permite a atacantes autenticados ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada introducida en el parámetro \"Smiley Code\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codologic:codoforum:5.0.2:*:*:*:*:*:*:*","matchCriteriaId":"2BCBD3E3-DEEA-488B-8246-F77BE6CB778D"}]}]}],"references":[{"url":"https://codoforum.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/r0ck3t1973/xss_payload/issues/4","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://codoforum.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/r0ck3t1973/xss_payload/issues/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}}]}