Vulnerabilities > Thedaylightstudio > Fuel CMS > 1.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-03 | CVE-2022-28599 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1 A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. | 3.5 |
2022-04-11 | CVE-2022-27156 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1 Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection. | 3.5 |
2022-02-24 | CVE-2021-44607 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.5.1 A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file. | 3.5 |