LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.
7.5CVSS
7.3AI Score
0.003EPSS
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.
5.4CVSS
5.2AI Score
0.001EPSS
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.
5.4CVSS
5.2AI Score
0.001EPSS