The Kunena forum extension for Joomla suffers from multiple SQL injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. The vulnerabilities affect Kunena v3.0.5 and earlier.

Upgrade to the latest version of Kunena Forum (this problems was fixed in version 3.0.6).

• Kunena Forum for Joomla Multiple Vulnerabilities
• Kunena 3.0.6 Released