m19o/Security-Advisories

Releases0

Stars6

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43951 ↗	Oct 3, 2023Tuesday, 3 October 2023, 21:15	5.4 MEDIUM	—
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component.
CVE-2023-43952 ↗	Oct 3, 2023Tuesday, 3 October 2023, 21:15	5.4 MEDIUM	—
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.
CVE-2023-43953 ↗	Oct 3, 2023Tuesday, 3 October 2023, 21:15	5.4 MEDIUM	—
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component.
CVE-2023-36983 ↗	Aug 1, 2023Tuesday, 1 August 2023, 02:15	7.5 HIGH	—
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
CVE-2023-36984 ↗	Aug 1, 2023Tuesday, 1 August 2023, 02:15	7.5 HIGH	—
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
CVE-2023-27237 ↗	May 12, 2023Friday, 12 May 2023, 11:15	6.1 MEDIUM	—
LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack.
CVE-2023-27238 ↗	May 12, 2023Friday, 12 May 2023, 11:15	9.8 CRITICAL	—
LavaLite CMS v 9.0.0 was discovered to be vulnerable to web cache poisoning.
CVE-2023-30394 ↗	May 11, 2023Thursday, 11 May 2023, 19:15	6.1 MEDIUM	—
The MoveIt framework 1.1.11 for ROS allows cross-site scripting (XSS) via the API authentication function. NOTE: this issue is disputed by the original reporter because it has "no impact."