Lucene search
IntelliantsSubrion Cms
2 matches found
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
6.1CVSS5.9AI score0.00311EPSS
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
8.8CVSS8.6AI score0.01618EPSS