Lucene search
GoogleOSV:GHSA-X8WJ-CQMP-3WMMHistoryMar 15, 2022 - 12:00 a.m.
Cross-site Scripting in Zenario CMS
2022-03-1500:00:59
Google
osv.dev
14
0.001 Low
EPSS
Percentile
24.9%
Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim’s cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS.
Related
osv
osv
CVE-2021-41952
2022-03-14 15:15:09
cvelist
cvelist
CVE-2021-41952
2022-03-14 14:53:55
github
github
Cross-site Scripting in Zenario CMS
2022-03-15 00:00:59
nvd
nvd
CVE-2021-41952
2022-03-14 15:15:09
cve
cve
CVE-2021-41952
2022-03-14 15:15:09
prion
prion
Cross site scripting
2022-03-14 15:15:00