Ektron Content Management System Security Vulnerabilities and Issues — Ektron Content Management System CVE List

Lucene search

EktronEktron Content Management System

3 matches found

cve•added 2015/02/14 3:1 a.m.•32 views

CVE-2015-0931

Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue.

6.8CVSS7.9AI score0.02694EPSS

cve•added 2017/07/25 8:29 p.m.•32 views

CVE-2016-6133

Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx.

6.1CVSS6AI score0.00215EPSS

cve•added 2017/07/03 4:29 p.m.•27 views

CVE-2016-6201

Cross-site scripting (XSS) vulnerability in Ektron Content Management System (CMS) before 9.1.0.184 SP3 (9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the ContType parameter in a ViewContentByCategory action to WorkArea/content.aspx.

6.1CVSS6AI score0.00196EPSS