Vulnerabilities > Typecho > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-49967 | XML Entity Expansion vulnerability in Typecho 1.2.1 Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blowup attack via the component /index.php/action/xmlrpc. | 7.5 |
| 2023-08-03 | CVE-2023-36299 | Unrestricted Upload of File with Dangerous Type vulnerability in Typecho 1.2.1 A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php. | 8.8 |