114 matches found
CVE-2024-24115
A stored cross-site scripting XSS vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-24115
A stored cross-site scripting XSS vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cotonti CMS Cross-Site Scripting Vulnerability
Cotonti CMS is a powerful open source web development framework and content manager from Cotonti. A cross-site scripting vulnerability exists in Cotonti CMS version v0.9.24, which stems from a cross-site scripting vulnerability in the Edit Page feature that allows an authenticated attacker to...
PT-2024-20278 · Unknown · Cotonti Cms
Name of the Vulnerable Software and Affected Versions: Cotonti CMS version 0.9.24 Description: A stored cross-site scripting XSS vulnerability in the Edit Page function allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For Cotonti CMS...
CVE-2024-24115
CVE-2024-24115 concerns a stored XSS vulnerability in the Edit Page feature of Cotonti CMS v0.9.24. According to the documents, authenticated attackers can inject and execute arbitrary web scripts or HTML via a crafted payload. The vulnerability is described consistently across multiple sources; ...
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
CVE-2022-39839
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
CVE-2022-39839
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
Cross site scripting
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
Cross site scripting
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
CVE-2022-39839
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
CVE-2022-39839
CVE-2022-39839 : Cotonti Siena 0.9.20 is affected by a stored XSS vulnerability via forum posts. The CVE entry documents the issue and the NVD CVSSv3.1 base score of 4.8 (Medium), with network attack vector, low attack complexity, privileges required high, user interaction required, and a changed...
CVE-2022-39839
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
CVE-2022-39840
CVE-2022-39840 affects Cotonti Siena 0.9.20, enabling stored XSS via direct messages (DM). Impact: admin-level content processing could be manipulated to execute scripts; CVSS 3.1 base score 4.8 (MEDIUM) with network vector, low attack complexity, user interaction required. Root cause details are...
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
Cotonti Siena 跨站脚本漏洞
Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which stems from a stored XSS attack that allows administrators to conduct direct messages DM...
Cotonti Siena 跨站脚本漏洞
Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which originates from allowing administrators to conduct stored XSS attacks via forum posts...
PT-2022-25031 · Unknown · Cotonti Siena
Name of the Vulnerable Software and Affected Versions: Cotonti Siena version 0.9.20 Description: The issue allows admins to conduct stored XSS attacks via a direct message DM. Recommendations: For Cotonti Siena version 0.9.20, update to a version that fixes this issue, as using direct messages fo...