Vulnerabilities (CVE)

Filtered by vendor Compo Subscribe
Filtered by product Composr Cms
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38708 1 Compo 1 Composr Cms 2024-02-28 3.5 LOW 5.4 MEDIUM
In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS.
CVE-2021-38709 1 Compo 1 Composr Cms 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS.
CVE-2018-6518 1 Compo 1 Composr Cms 2024-02-28 3.5 LOW 4.8 MEDIUM
Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.