Vulnerabilities > Compo > Composr CMS > 10.0.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-38708 | Cross-site Scripting vulnerability in Compo Composr CMS In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS. | 5.4 |
| 2021-08-16 | CVE-2021-38709 | Cross-site Scripting vulnerability in Compo Composr CMS In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS. | 6.1 |