ss122-0ss/BOSSCMS

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-31613 ↗	Jun 10, 2024Monday, 10 June 2024, 16:15	5.4 MEDIUM	—
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery (CSRF) in name="head_code" or name="foot_code."
CVE-2024-31609 ↗	Apr 25, 2024Thursday, 25 April 2024, 22:15	7.1 HIGH	—
Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration.