Vulnerabilities > Thedaylightstudio > Fuel CMS > 1.5.1

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-28599 Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1
A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. 		3.5
3.5
2022-04-11 CVE-2022-27156 Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1
Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection. 		3.5
3.5
2022-02-24 CVE-2021-44607 Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1
A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file. 		3.5
3.5