Vulnerabilities > Duxcms Project > Duxcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2020-36763 | Cross-site Scripting vulnerability in Duxcms Project Duxcms 2.1 Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post. | 5.4 |
| 2023-07-31 | CVE-2020-21881 | Cross-Site Request Forgery (CSRF) vulnerability in Duxcms Project Duxcms 2.1 Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add. | 6.5 |
| 2022-12-08 | CVE-2020-36609 | Unspecified vulnerability in Duxcms Project Duxcms 2.1 A vulnerability was found in annyshow DuxCMS 2.1. | 5.4 |