A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted...
5.4CVSS
5.1AI Score
0.0004EPSS
SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to...
8.4AI Score
0.105EPSS
4.8CVSS
4.7AI Score
0.001EPSS
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message...
4.8CVSS
4.7AI Score
0.001EPSS