Vulnerabilities > B2Evolution > B2Evolution CMS > 7.2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-06 | CVE-2021-31631 | Cross-Site Request Forgery (CSRF) vulnerability in B2Evolution CMS 7.2.3 b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. | 8.8 |
| 2021-12-06 | CVE-2021-31632 | SQL Injection vulnerability in B2Evolution CMS 7.2.3 b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. | 9.8 |