Lucene search
K

114 matches found

Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.1 views

CVE-2024-24115

A stored cross-site scripting XSS vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.5AI score0.00397EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/08 12:0 a.m.23 views

CVE-2024-24115

A stored cross-site scripting XSS vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.3AI score0.00397EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.3 views

Cotonti CMS Cross-Site Scripting Vulnerability

Cotonti CMS is a powerful open source web development framework and content manager from Cotonti. A cross-site scripting vulnerability exists in Cotonti CMS version v0.9.24, which stems from a cross-site scripting vulnerability in the Edit Page feature that allows an authenticated attacker to...

5.4CVSS5.7AI score0.00397EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.4 views

PT-2024-20278 · Unknown · Cotonti Cms

Name of the Vulnerable Software and Affected Versions: Cotonti CMS version 0.9.24 Description: A stored cross-site scripting XSS vulnerability in the Edit Page function allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For Cotonti CMS...

5.4CVSS5.2AI score0.00397EPSS
Exploits1References5
CVE
CVE
added 2024/02/08 12:0 a.m.44 views

CVE-2024-24115

CVE-2024-24115 concerns a stored XSS vulnerability in the Edit Page feature of Cotonti CMS v0.9.24. According to the documents, authenticated attackers can inject and execute arbitrary web scripts or HTML via a crafted payload. The vulnerability is described consistently across multiple sources; ...

5.4CVSS5.1AI score0.00397EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2022/09/05 6:15 a.m.12 views

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...

4.8CVSS0.00411EPSS
Exploits1References1
NVD
NVD
added 2022/09/05 6:15 a.m.13 views

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...

4.8CVSS0.00411EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/05 6:15 a.m.2 views

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...

4.8CVSS5.8AI score0.00411EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/09/05 6:15 a.m.2 views

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...

4.8CVSS5.8AI score0.00411EPSS
Exploits1References2
Prion
Prion
added 2022/09/05 6:15 a.m.14 views

Cross site scripting

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...

4.3CVSS4.7AI score0.00411EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/09/05 6:15 a.m.17 views

Cross site scripting

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...

4.3CVSS4.7AI score0.00411EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/05 5:6 a.m.17 views

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...

5AI score0.00411EPSS
Exploits1References1
CVE
CVE
added 2022/09/05 5:6 a.m.50 views

CVE-2022-39839

CVE-2022-39839 : Cotonti Siena 0.9.20 is affected by a stored XSS vulnerability via forum posts. The CVE entry documents the issue and the NVD CVSSv3.1 base score of 4.8 (Medium), with network attack vector, low attack complexity, privileges required high, user interaction required, and a changed...

4.8CVSS4.7AI score0.00411EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/09/05 5:6 a.m.12 views

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post...

4.8CVSS5.7AI score0.00411EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/09/05 5:6 a.m.17 views

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...

5AI score0.00411EPSS
Exploits1References1
CVE
CVE
added 2022/09/05 5:6 a.m.47 views

CVE-2022-39840

CVE-2022-39840 affects Cotonti Siena 0.9.20, enabling stored XSS via direct messages (DM). Impact: admin-level content processing could be manipulated to execute scripts; CVSS 3.1 base score 4.8 (MEDIUM) with network vector, low attack complexity, user interaction required. Root cause details are...

4.8CVSS4.7AI score0.00411EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/09/05 5:6 a.m.16 views

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...

4.8CVSS5.7AI score0.00411EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/09/05 12:0 a.m.2 views

Cotonti Siena 跨站脚本漏洞

Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which stems from a stored XSS attack that allows administrators to conduct direct messages DM...

4.8CVSS5.2AI score0.00411EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/09/05 12:0 a.m.4 views

Cotonti Siena 跨站脚本漏洞

Cotonti Siena is a powerful open source web development framework and content manager from Cotonti Open Source. A security vulnerability exists in Cotonti Siena version 0.9.20, which originates from allowing administrators to conduct stored XSS attacks via forum posts...

4.8CVSS5.2AI score0.00411EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/05 12:0 a.m.4 views

PT-2022-25031 · Unknown · Cotonti Siena

Name of the Vulnerable Software and Affected Versions: Cotonti Siena version 0.9.20 Description: The issue allows admins to conduct stored XSS attacks via a direct message DM. Recommendations: For Cotonti Siena version 0.9.20, update to a version that fixes this issue, as using direct messages fo...

4.8CVSS4.7AI score0.00411EPSS
Exploits1References4
Rows per page
Query Builder