Vulnerabilities > Microweber
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-28 | CVE-2023-5244 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0. | 6.1 |
| 2023-06-07 | CVE-2023-3142 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0. | 5.4 |
| 2023-04-22 | CVE-2023-2239 | Privacy Violation vulnerability in Microweber Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4. | 6.5 |
| 2023-04-22 | CVE-2023-2240 | Improper Privilege Management vulnerability in Microweber Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4. | 8.8 |
| 2023-04-13 | CVE-2023-2014 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 |
| 2023-02-28 | CVE-2023-1081 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 |
| 2023-02-21 | CVE-2021-32856 | Cross-site Scripting vulnerability in Microweber Microweber is a drag and drop website builder and content management system. | 6.1 |
| 2023-02-01 | CVE-2023-0608 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. | 5.4 |
| 2022-11-25 | CVE-2022-0698 | Cross-site Scripting vulnerability in Microweber 1.3.1 Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. | 6.1 |
| 2022-11-22 | CVE-2022-33012 | Injection vulnerability in Microweber 1.2.15 Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack. | 8.8 |