Vulnerabilities > Craftcms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2020-19626 | Cross-site Scripting vulnerability in Craftcms Craft CMS 3.1.31 Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new. | 3.5 |
| 2018-12-24 | CVE-2018-20418 | Cross-site Scripting vulnerability in Craftcms Craft CMS 3.0.25 index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab. | 3.5 |
| 2017-06-08 | CVE-2017-9516 | Cross-site Scripting vulnerability in Craftcms Craft CMS Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file. | 3.5 |