Vulnerabilities > Lavalite > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-18 | CVE-2023-30124 | Cross-site Scripting vulnerability in Lavalite 9.0.0 LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS). | 5.4 |
| 2023-05-12 | CVE-2023-27237 | Cross-site Scripting vulnerability in Lavalite 9.0.0 LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack. | 6.1 |
| 2019-11-13 | CVE-2019-18883 | Cross-site Scripting vulnerability in Lavalite 5.7.0 XSS exists in Lavalite CMS 5.7 via the admin/profile name or designation field. | 4.3 |