Vulnerabilities > Impresscms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-11 | CVE-2021-28088 | Cross-site Scripting vulnerability in Impresscms 1.4.2 Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field. | 3.5 |
| 2020-10-07 | CVE-2020-17551 | Cross-site Scripting vulnerability in Impresscms 1.4.0 ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution. | 3.5 |