Количество 2
Количество 2
CVE-2021-41952
почти 4 года назад
Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS.
CVSS3: 4.8
EPSS: Низкий
GHSA-x8wj-cqmp-3wmm
почти 4 года назад
Cross-site Scripting in Zenario CMS
CVSS3: 4.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-41952 Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS. | CVSS3: 4.8 | 0% Низкий | почти 4 года назад |
| GHSA-x8wj-cqmp-3wmm Cross-site Scripting in Zenario CMS | CVSS3: 4.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу
20