4 matches found
CVE-2020-13870
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name...
CVE-2020-13868
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity...
Pixel & Tonic Craft CMS Comments plugin cross-site scripting vulnerability (CNVD-2020-34722)
Pixel & Tonic Craft CMS is the U.S. Pixel & Tonic company's set of content management system CMS. Comments plugin is one of the code comment generation plugin. A cross-site scripting vulnerability exists in the Pixel & Tonic Craft CMS Comments plugin. The vulnerability stems from a lack of proper...
CVE-2020-13868
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity...