Browse all 4 CVE security advisories affecting Boss Media. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Boss Media develops online gaming platforms and casino software for the iGaming industry. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and misconfigured access controls. While no major public security incidents have been widely documented, the four CVEs on record highlight persistent issues in their web applications and API security. Their software typically handles sensitive financial and personal data, making proper input sanitization and secure authentication critical. The company's focus on gaming infrastructure requires robust security measures to prevent exploitation of common web vulnerabilities that could compromise player accounts and operator systems.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13859 | BuddyBoss Platform <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bp_nouveau_ajax_media_save' function — BuddyBoss Platform, CWE-79 | 6.4 | Medium | 2025-05-02 |
| CVE-2024-13860 | BuddyBoss Platform <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bbp_topic_title' — BuddyBoss Platform, CWE-79 | 6.4 | Medium | 2025-05-02 |
| CVE-2024-13858 | BuddyBoss Platform and BuddyBoss Theme <= Multiple Versions - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'invitee_name' — BuddyBoss Theme, CWE-79 | 6.4 | Medium | 2025-05-02 |
| CVE-2024-13402 | BuddyBoss Platform <= 2.7.70 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'link_title' — BuddyBoss Platform, CWE-79 | 6.4 | Medium | 2025-02-27 |

This page lists every published CVE security advisory associated with Boss Media. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.