Vulnerabilities > Monstra > Monstra CMS > 1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-02 | CVE-2018-19599 | Cross-site Scripting vulnerability in Monstra CMS 1.6 Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. | 5.4 |
| 2019-07-03 | CVE-2018-11227 | Cross-site Scripting vulnerability in Monstra CMS Monstra CMS 3.0.4 and earlier has XSS via index.php. | 6.1 |