RSS   Vulnerabilities for 'Laracms'   RSS

2021-09-29
 
CVE-2020-20128

CWE-319
 

 
LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.

 
 
CVE-2020-20129

CWE-79
 

 
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.

 
 
CVE-2020-20131

CWE-79
 

 
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.

 


Copyright 2024, cxsecurity.com

 

Back to Top