Vulnerabilities > Razorcms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-31 | CVE-2018-19905 | Cross-site Scripting vulnerability in Razorcms 3.4.8 HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. | 3.5 |
| 2018-12-31 | CVE-2018-19906 | Cross-site Scripting vulnerability in Razorcms 3.4.8 Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. | 3.5 |
| 2018-09-12 | CVE-2018-16726 | Cross-site Scripting vulnerability in Razorcms 3.4.7 razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component. | 3.5 |
| 2018-09-12 | CVE-2018-16727 | Cross-site Scripting vulnerability in Razorcms 3.4.7 razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component. | 3.5 |
| 2009-04-28 | CVE-2009-1461 | Cross-Site Scripting vulnerability in Razorcms 0.2/0.3 Cross-site scripting (XSS) vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Page Title field. | 3.5 |