Vulnerabilities > Thirtybees

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-30	CVE-2023-52264	Cross-site Scripting vulnerability in Thirtybees Bees Blog The beesblog (aka Bees Blog) component before 1.6.2 for thirty bees allows Reflected XSS because controllers/front/post.php sharing_url is mishandled. network low complexity thirtybees CWE-79	6.1
2023-12-22	CVE-2023-45957	Cross-site Scripting vulnerability in Thirtybees Thirty Bees 1.4.0 A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling. network low complexity thirtybees CWE-79	5.4
2023-10-18	CVE-2023-45958	Cross-site Scripting vulnerability in Thirtybees Thirty Bees 1.4.0 Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. network low complexity thirtybees CWE-79	6.1

Vulnerabilities > Thirtybees {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Thirtybees"}]}