Vulnerabilities > Expressionengine > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-16 | CVE-2024-38454 | Cross-site Scripting vulnerability in Expressionengine ExpressionEngine before 7.4.11 allows XSS. | 6.1 |
| 2018-10-01 | CVE-2018-17874 | Cross-site Scripting vulnerability in Expressionengine ExpressionEngine before 4.3.5 has reflected XSS. | 6.1 |
| 2017-11-17 | CVE-2017-1000160 | Cross-site Scripting vulnerability in Expressionengine 3.4.2 EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection | 5.4 |