Lucene search
K

5 matches found

Cvelist
Cvelist
added 2022/05/03 6:1 p.m.24 views

CVE-2022-28599

A stored cross-site scripting XSS vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger a XSS attack...

5.2AI score0.00547EPSS
Exploits1References1
OSV
OSV
added 2022/05/03 6:1 p.m.8 views

CVE-2022-28599

A stored cross-site scripting XSS vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger a XSS attack...

5.4CVSS4.8AI score0.00547EPSS
Exploits1References3
CVE
CVE
added 2022/05/03 6:1 p.m.69 views

CVE-2022-28599

CVE-2022-28599 affects FUEL-CMS 1.5.1. The vulnerability is a stored XSS where an authenticated user can upload a malicious .pdf file that acts as the payload; if an administrator triggers it, a stored XSS attack occurs. The provided documents do not specify a patch version or remediation steps. ...

5.4CVSS5AI score0.00547EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/02/24 3:15 p.m.13 views

CVE-2021-44607

A Cross Site Scripting XSS vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file...

5.4CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2022/02/23 6:42 p.m.16 views

CVE-2021-44607

A Cross Site Scripting XSS vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file...

5.5AI score0.00479EPSS
Exploits1References1
Rows per page
Query Builder