Vulnerabilities for Composr cms (...) - CXSECURITY.COM

Vulnerabilities for 'Composr cms'

2021-08-16

CVE-2021-38708

CWE-79

In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS.

2021-01-26

CVE-2020-35310

CWE-79

Composr CMS 10.0.34 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML via Add Banners in the Description field.

2018-04-26

CVE-2018-6518

CWE-79

Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.

Copyright 2024, cxsecurity.com