Vulnerabilities > Cuppacms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-31 | CVE-2018-19918 | Cross-site Scripting vulnerability in Cuppacms CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. | 3.5 |
| 2018-09-21 | CVE-2018-17300 | Cross-site Scripting vulnerability in Cuppacms Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name. | 3.5 |