Vulnerabilities > Cotonti

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-08	CVE-2024-24115	Cross-site Scripting vulnerability in Cotonti Siena 0.9.24 A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity cotonti CWE-79	5.4
2022-09-05	CVE-2022-39839	Cross-site Scripting vulnerability in Cotonti Siena 0.9.20 Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post. network low complexity cotonti CWE-79	4.8
2022-09-05	CVE-2022-39840	Cross-site Scripting vulnerability in Cotonti Siena 0.9.20 Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM). network low complexity cotonti CWE-79	4.8

Vulnerabilities > Cotonti {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cotonti"}]}