Vulnerabilities > Cmsuno Project > Cmsuno > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-36654 Cross-site Scripting vulnerability in Cmsuno Project Cmsuno 1.7
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme.
network
low complexity
cmsuno-project CWE-79
5.4
5.4
2020-07-07 CVE-2020-15600 Cross-Site Request Forgery (CSRF) vulnerability in Cmsuno Project Cmsuno
An issue was discovered in CMSUno before 1.6.1.
network
low complexity
cmsuno-project CWE-352
6.5
6.5
2018-08-20 CVE-2018-15567 Cross-site Scripting vulnerability in Cmsuno Project Cmsuno
CMSUno before 1.5.3 has XSS via the title field.
network
low complexity
cmsuno-project CWE-79
6.1
6.1