Vulnerabilities > Tpcms Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2021-36545 | Cross-site Scripting vulnerability in Tpcms Project Tpcms 3.2 Cross Site Scripting (XSS) vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfg_copyright or cfg_tel field in Site Configuration page. | 5.4 |
| 2022-04-04 | CVE-2022-27441 | Cross-site Scripting vulnerability in Tpcms Project Tpcms 3.2 A stored cross-site scripting (XSS) vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box. | 4.8 |