Vulnerabilities > Dotcms > Dotcms > 1.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-21 | CVE-2008-2397 | Cross-Site Scripting vulnerability in Dotcms Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | 4.3 |