Vulnerabilities > Flatcore > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-13 CVE-2021-40902 Cross-site Scripting vulnerability in Flatcore Flatcore-Cms 2.0.8
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) in the "Create New Page" option through the index page.
network
flatcore CWE-79
3.5
3.5
2021-08-23 CVE-2021-39609 Cross-site Scripting vulnerability in Flatcore Flatcore-Cms 2.0.7
Cross Site Scripting (XSS) vulnerability exiss in FlatCore-CMS 2.0.7 via the upload image function.
network
flatcore CWE-79
3.5
3.5
2021-01-15 CVE-2021-23836 Cross-site Scripting vulnerability in Flatcore
An issue was discovered in flatCore before 2.0.0 build 139.
network
flatcore CWE-79
3.5
3.5
2021-01-15 CVE-2021-23838 Cross-site Scripting vulnerability in Flatcore
An issue was discovered in flatCore before 2.0.0 build 139.
network
flatcore CWE-79
3.5
3.5
2020-08-09 CVE-2020-17451 Cross-site Scripting vulnerability in Flatcore
flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.
network
flatcore CWE-79
3.5
3.5