Vulnerabilities > Typecho > Typecho > 0.9.13.12.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-30184 | Cross-site Scripting vulnerability in Typecho A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment. | 5.4 |
| 2023-03-16 | CVE-2023-27130 | Cross-site Scripting vulnerability in Typecho Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter. | 4.8 |
| 2023-03-16 | CVE-2023-27131 | Cross-site Scripting vulnerability in Typecho Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter. | 4.8 |
| 2023-03-16 | CVE-2023-27711 | Cross-site Scripting vulnerability in Typecho Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via the Comment Manager /admin/manage-comments.php component. | 4.8 |
| 2023-02-22 | CVE-2023-24114 | Unspecified vulnerability in Typecho typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via install.php. | 9.8 |