Vulnerabilities > Thedaylightstudio > Fuel CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-20137 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3 XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI. | 4.8 |
| 2018-12-13 | CVE-2018-20136 | Cross-site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3 XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI. | 4.8 |