Vulnerabilities > Opensolution
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-20 | CVE-2023-43346 | Cross-site Scripting vulnerability in Opensolution Quick CMS 6.7 Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component. | 5.4 |
2023-10-19 | CVE-2023-43345 | Cross-site Scripting vulnerability in Opensolution Quick CMS 6.7 Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. | 8.6 |
2023-10-19 | CVE-2023-43342 | Cross-site Scripting vulnerability in Opensolution Quick CMS 6.7 Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component. | 5.4 |
2023-10-19 | CVE-2023-43344 | Cross-site Scripting vulnerability in Opensolution Quick CMS 6.7 Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component. | 5.4 |
2023-10-05 | CVE-2023-43343 | Cross-site Scripting vulnerability in Opensolution Quick CMS 6.7 Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component. | 5.4 |
2021-01-28 | CVE-2020-35754 | Code Injection vulnerability in Opensolution Quick.Cart and Quick.Cms OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab. | 7.2 |