Vulnerabilities > Bigtreecms > Bigtree CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-15 | CVE-2017-6915 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8 CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. | 4.3 |
| 2017-02-14 | CVE-2016-10223 | Improper Access Control vulnerability in Bigtreecms Bigtree CMS An issue was discovered in BigTree CMS before 4.2.15. | 5.4 |