Vulnerabilities > Tribalsystems > Zenario > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2021-41952 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.0.54156 Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. | 3.5 |
| 2021-04-15 | CVE-2021-27673 | Cross-site Scripting vulnerability in Tribalsystems Zenario 8.8.52729 Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component. | 3.5 |