CVE-2016-11020 (kunena)

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS.

View Full Alert