Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113880HistoryApr 26, 2023 - 12:00 a.m.
SiteServer CMS 6.15.51 Multiple Vulnerabilities
2023-04-2600:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
siteserver
cms
6.15.51
vulnerabilities
scanner
EPSS
0.001
Percentile
48.7%
According to its self-reported version number, the instance of SiteServer CMS hosted on the remote web server is 6.15.51. It is, therefore, affected by :
-
A Cross Site Scripting (XSS) flaw into the TbItemName parameters (CVE-2021-42656, CVE-2022-30349).
-
A SQL injection vulnerability in the /api/pages/cms/libraryText/list endpoint (CVE-2021-42655).
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source dataRelated
prion
prion
Sql injection
2022-05-24 13:15:00
Cross site scripting
2022-05-24 13:15:00
Cross site scripting
2022-06-02 14:15:00
osv
osv
Cross site scripting in SiteServer CMS
2022-05-25 00:00:37
CVE-2021-42656
2022-05-24 13:15:07
CVE-2021-42655
2022-05-24 13:15:07
github
github
Cross site scripting in SiteServer CMS
2022-05-25 00:00:37
SQL injection in SiteServer CMS
2022-05-25 00:00:37
Cross site scripting in SSCMS
2022-06-03 00:01:08
cve
cve
cvelist
cvelist
cnvd
cnvd
SiteServer CMS sql injection vulnerability
2022-05-25 00:00:00
nvd
nvd