Vulnerabilities > Csphere

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-43119 Cross-site Scripting vulnerability in Csphere Clansphere 2011.4
A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter.
network
low complexity
csphere CWE-79
6.1
6.1
2021-03-23 CVE-2021-27310 Cross-site Scripting vulnerability in Csphere Clansphere 2011.4
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter.
network
low complexity
csphere CWE-79
6.1
6.1
2021-03-23 CVE-2021-27309 Cross-site Scripting vulnerability in Csphere Clansphere 2011.4
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter.
network
low complexity
csphere CWE-79
6.1
6.1