Vulnerabilities > Ukcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-18449 | Cross-site Scripting vulnerability in Ukcms 1.1.10 Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php | 5.4 |
| 2021-08-12 | CVE-2020-20977 | Cross-site Scripting vulnerability in Ukcms 1.1.10 A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section. | 5.4 |