Vulnerabilities > Njtech > Greencms > 2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2024-22570 | Cross-site Scripting vulnerability in Njtech Greencms 2.3 A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 5.4 |
| 2023-06-20 | CVE-2020-21366 | Cross-Site Request Forgery (CSRF) vulnerability in Njtech Greencms 2.3 Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php. | 8.0 |