Description
The Kunena forum extension for Joomla suffers from multiple SQL injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. The vulnerabilities affect Kunena v3.0.5 and earlier.
Remediation
Upgrade to the latest version of Kunena Forum (this problems was fixed in version 3.0.6).
References
Related Vulnerabilities
WordPress Plugin WP-Lister Lite for eBay Cross-Site Scripting (2.0.8.3)
WordPress Plugin DMCA WaterMarker Cross-Site Scripting (1.0)
WordPress Plugin Hide My WP Cross-Site Scripting (4.51.1)
WordPress Plugin Link Library Cross-Site Scripting (5.9.12.29)
WordPress Plugin Livemesh Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (6.7.1)