Fuel Cms@1.5.1 Security Vulnerabilities and Issues — Fuel Cms@1.5.1 CVE List

Lucene search

ThedaylightstudioFuel Cms1.5.1

3 matches found

CVE•added 2022/04/11 3:15 p.m.•63 views

CVE-2022-27156

Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection.

5.4CVSS5.4AI score0.00181EPSS

CVE•added 2022/05/03 6:15 p.m.•58 views

CVE-2022-28599

A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger a XSS attack.

5.4CVSS5AI score0.00249EPSS

CVE•added 2022/02/24 3:15 p.m.•36 views

CVE-2021-44607

A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file.

5.4CVSS5.2AI score0.00181EPSS