Lightcms Security Vulnerabilities and Issues — Lightcms CVE List

Lucene search

Lightcms ProjectLightcms

2 matches found

CVE•added 2021/02/24 3:15 p.m.•58 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords.

5.4CVSS5.3AI score0.00215EPSS

CVE•added 2021/04/15 4:15 p.m.•32 views

CVE-2021-27112

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.

9.8CVSS9.7AI score0.02228EPSS