Vulnerabilities > Compo > Composr CMS > 10.0.19
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-16 | CVE-2021-38708 | Cross-site Scripting vulnerability in Compo Composr CMS In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS. | 3.5 |
2021-08-16 | CVE-2021-38709 | Cross-site Scripting vulnerability in Compo Composr CMS In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS. | 4.3 |