Vulnerabilities > Onethird > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-28 | CVE-2017-2124 | Cross-site Scripting vulnerability in Onethird CMS Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php. | 6.1 |
| 2017-04-28 | CVE-2017-2123 | Cross-site Scripting vulnerability in Onethird CMS Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php. | 6.1 |