Vulnerabilities > Tribalsystems > Zenario > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-44769 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.4.59197 A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias. | 5.4 |
| 2023-10-06 | CVE-2023-44770 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.4.59197 A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias. | 5.4 |
| 2023-10-06 | CVE-2023-44771 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.4.59197 A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout. | 5.4 |
| 2023-08-28 | CVE-2023-39578 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.4 A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field. | 4.8 |
| 2022-11-30 | CVE-2022-4231 | Session Fixation vulnerability in Tribalsystems Zenario 9.3.57595 A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. | 5.4 |
| 2022-11-16 | CVE-2022-44069 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.3.57186 Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via the Nest library module. | 5.4 |
| 2022-11-16 | CVE-2022-44070 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.3.57186 Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via News articles. | 5.4 |
| 2022-11-16 | CVE-2022-44071 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.3.57186 Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile. | 5.4 |
| 2022-11-16 | CVE-2022-44073 | Cross-site Scripting vulnerability in Tribalsystems Zenario 9.3.57186 Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via svg,Users & Contacts. | 5.4 |
| 2022-11-02 | CVE-2020-36608 | Cross-site Scripting vulnerability in Tribalsystems Zenario A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. | 6.1 |