PT-2025-39430

Name of the Vulnerable Software and Affected Versions vulnerability-lookup version 2.16.0 Description A cross-site scripting XSS issue exists in the handling of user-supplied input within the Bundles, Comments, and Sightings components of the software. Untrusted data was not properly sanitized...

CVE-2020-15276

baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1...

CVE-2024-41614

symphonycms =2.7.10 is vulnerable to Cross Site Scripting XSS in the Comment component for articles...

CVE-2024-41614

symphonycms =2.7.10 is vulnerable to Cross Site Scripting XSS in the Comment component for articles...

PT-2024-29464 · Unknown · Symphony Cms

Name of the Vulnerable Software and Affected Versions: symphonycms versions 2.7.10 and below Description: The issue is related to Cross Site Scripting XSS in the Comment component for articles. This allows for malicious scripts to be injected into the website, potentially leading to unauthorized...

CVE-2024-41614

Symphony CMS versions

Symphony CMS 安全漏洞

Symphony CMS is a content management system from Symphony CMS open source. A security vulnerability exists in Symphony CMS version 2.7.10 and earlier, which stems from a cross-site scripting XSS vulnerability in the component Comment...

CVE-2024-41614

symphonycms =2.7.10 is vulnerable to Cross Site Scripting XSS in the Comment component for articles...

CVE-2022-23888

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgey CSRF via the component /yzmcms/comment/index/init.html...