2 matches found
CVE-2025-32369
Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious content for stored XSS via certain interactions with the media library file upload feature...
CVE-2020-23960
Multiple cross-site request forgery CSRF vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to 1 approve the mass of the user's comments, 2 restoring a deleted user, 3 installing or running modules, 4 resetting the...