4 matches found
BIT-NEOS-2022-30429
Multiple cross-site scripting XSS vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also ...
GHSA-7M9H-V68W-PFW3 Neos CMS vulnerable to XSS in various backend modules
Multiple cross-site scripting XSS vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also ...
CVE-2022-30429
Multiple cross-site scripting XSS vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also ...
PT-2022-20114 · Neos Cms · Neos Cms
Name of the Vulnerable Software and Affected Versions: Neos CMS versions 3.3.29 through 8.0.1 Description: Multiple cross-site scripting XSS vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion o...