Cotonti : Security Vulnerabilities, CVEs, (XSS)
A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
Max CVSS
5.4
EPSS Score
0.05%
Published
2024-02-08
Updated
2024-02-15
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM).
Max CVSS
4.8
EPSS Score
0.06%
Published
2022-09-05
Updated
2022-09-08
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post.
Max CVSS
4.8
EPSS Score
0.06%
Published
2022-09-05
Updated
2022-09-08
3 vulnerabilities found