Vulnerabilities > Gpeasy > Gpeasy CMS > 2.3.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-28 | CVE-2013-0807 | Cross-Site Scripting vulnerability in Gpeasy CMS Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php. | 4.3 |
| 2013-01-24 | CVE-2012-6513 | Cross-Site Scripting vulnerability in Gpeasy CMS 2.3.3 Cross-site scripting (XSS) vulnerability in index.php/Admin_Preferences in gpEasy CMS 2.3.3 allows remote attackers to inject arbitrary web script or HTML via the jsoncallback parameter. | 4.3 |