2.3.1

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-14	CVE-2020-23691	Unspecified vulnerability in Yfcmf 2.3.1 YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php. network low complexity yfcmf	7.5
2021-05-14	CVE-2020-23689	Cross-site Scripting vulnerability in Yfcmf 2.3.1 In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page. network yfcmf CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.