Htmly Security Vulnerabilities and Issues — Htmly CVE List

Lucene search

HtmlyHtmly

5 matches found

CVE•added 2021/04/13 5:15 a.m.•88 views

CVE-2021-30637

htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php.

5.4CVSS5.2AI score0.00148EPSS

CVE•added 2021/05/21 6:15 p.m.•74 views

CVE-2020-23766

An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges.

6.5CVSS6.6AI score0.01518EPSS

CVE•added 2021/08/03 7:15 p.m.•46 views

CVE-2021-36702

The "content" field in the "regular post" page of the "add content" menu under "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote attackers to send authenticated post-http requests to add / content and inject arbitrary web scripts or HTML through spe...

6.1CVSS5.9AI score0.00196EPSS

CVE•added 2021/08/03 7:15 p.m.•45 views

CVE-2021-36703

The "blog title" field in the "Settings" menu "config" page of "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote attackers to send an authenticated post HTTP request to admin/config and inject arbitrary web script or HTML through a special website n...

6.1CVSS5.9AI score0.00222EPSS

CVE•added 2021/08/03 7:15 p.m.•39 views

CVE-2021-36701

In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on the local host when delete backup files. The vulnerability may allow a remote attacker to delete arbitrary know files on the host.

9.1CVSS8.9AI score0.00872EPSS