Vulnerabilities > Expressionengine > Expressionengine > 6.3.3

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2024-38454 Cross-site Scripting vulnerability in Expressionengine
ExpressionEngine before 7.4.11 allows XSS.
network
low complexity
expressionengine CWE-79
6.1
6.1
2023-02-09 CVE-2023-22953 Unspecified vulnerability in Expressionengine
In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.
network
low complexity
expressionengine
8.8
8.8