2 matches found
CVE-2022-39840
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message DM...
CVE-2022-39840
CVE-2022-39840 affects Cotonti Siena 0.9.20, enabling stored XSS via direct messages (DM). Impact: admin-level content processing could be manipulated to execute scripts; CVSS 3.1 base score 4.8 (MEDIUM) with network vector, low attack complexity, user interaction required. Root cause details are...