Vulnerabilities > Typesettercms > Typesetter > 5.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-35126 | Cross-site Scripting vulnerability in Typesettercms Typesetter Typesetter CMS 5.x through 5.1 allows admins to conduct Site Title persistent XSS attacks via an Admin/Configuration URI. | 4.8 |
| 2020-09-19 | CVE-2020-25790 | Unrestricted Upload of File with Dangerous Type vulnerability in Typesettercms Typesetter 5.0/5.0.1/5.1 Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. | 7.2 |