Vulnerabilities > Lightcms Project > Lightcms > 1.3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-24 | CVE-2021-3355 | Cross-site Scripting vulnerability in Lightcms Project Lightcms 1.3.4 A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords. | 3.5 |