Subrion Security Vulnerabilities and Issues — Subrion CVE List

Lucene search

IntelliantsSubrion

6 matches found

CVE•added 2019/10/06 5:15 p.m.•110 views

CVE-2019-17225

Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.

5.4CVSS5.1AI score0.00542EPSS

CVE•added 2023/09/28 3:15 p.m.•104 views

CVE-2023-43884

A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.

5.4CVSS5.4AI score0.00184EPSS

CVE•added 2022/04/29 2:15 p.m.•84 views

CVE-2021-41948

A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS

5.4CVSS5.3AI score0.00181EPSS

CVE•added 2020/11/04 8:15 p.m.•33 views

CVE-2019-7356

Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.

5.4CVSS5.2AI score0.00251EPSS

CVE•added 2023/09/27 3:19 p.m.•29 views

CVE-2023-43830

A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'.

5.4CVSS5.4AI score0.0027EPSS

CVE•added 2023/09/27 3:19 p.m.•25 views

CVE-2023-43828

A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter.

5.4CVSS5.4AI score0.0027EPSS