XIMDEX/xcms

GitHub

github.com

www.ximdex.com

Releases12

Frequency6 months 3 weeks

Last Release almost 7 years ago

Stars62

Headless CMS with wysiwyg editor for XML and HTML5, omnichannel, multi-format and multi-platform decoupled publishing as html5, .net, j2ee, php, RoR, XML, json, RDF, epub, mobile apps, ... into the Cloud. Demo: http://demo.ximdex.com

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-12272 ↗	Jun 13, 2018Wednesday, 13 June 2018, 13:29	—	4.3 MEDIUM
xowl/request.php in Ximdex 4.0 has XSS via the content parameter.
CVE-2018-12273 ↗	Jun 13, 2018Wednesday, 13 June 2018, 13:29	—	4.3 MEDIUM
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter.
CVE-2018-12047 ↗	Jun 8, 2018Friday, 8 June 2018, 01:29	—	4.3 MEDIUM
xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12.
CVE-2018-11735 ↗	Jun 5, 2018Tuesday, 5 June 2018, 06:29	—	4.3 MEDIUM
index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter.