Vulnerabilities > Webboss > Webboss IO CMS > 3.6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-21 | CVE-2023-36339 | Incorrect Authorization vulnerability in Webboss Webboss.Io CMS An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request. | 7.5 |
| 2023-07-21 | CVE-2023-37742 | Cross-site Scripting vulnerability in Webboss Webboss.Io CMS WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability. | 6.1 |