Vulnerabilities > Cotonti > Cotonti Siena > 0.9.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-05 | CVE-2022-39839 | Cross-site Scripting vulnerability in Cotonti Siena 0.9.20 Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post. | 4.8 |
| 2022-09-05 | CVE-2022-39840 | Cross-site Scripting vulnerability in Cotonti Siena 0.9.20 Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM). | 4.8 |