Vulnerabilities > Htmly > Htmly > 2.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-31 | CVE-2021-42867 | Cross-site Scripting vulnerability in Htmly 2.8.1 A Cross Site Scripting (XSS) vulnerability exists in DanPros htmly 2.8.1 via the Description field in (1) admin/config, and (2) index.php pages. | 3.5 |
| 2022-03-31 | CVE-2021-42946 | Cross-site Scripting vulnerability in Htmly 2.8.1 A Cross Site Scripting (XSS) vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page. | 3.5 |
| 2022-03-01 | CVE-2022-25022 | Cross-site Scripting vulnerability in Htmly 2.8.1 A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post. | 3.5 |
| 2021-08-03 | CVE-2021-36701 | Unspecified vulnerability in Htmly 2.8.1 In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on the local host when delete backup files. | 6.4 |
| 2021-08-03 | CVE-2021-36702 | Cross-site Scripting vulnerability in Htmly 2.8.1 The "content" field in the "regular post" page of the "add content" menu under "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. | 4.3 |
| 2021-08-03 | CVE-2021-36703 | Cross-site Scripting vulnerability in Htmly 2.8.1 The "blog title" field in the "Settings" menu "config" page of "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. | 4.3 |