Vulnerabilities > Yzmcms > Yzmcms > 5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-23 | CVE-2020-19949 | Cross-site Scripting vulnerability in Yzmcms 5.3 A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. | 3.5 |
2021-09-23 | CVE-2020-19950 | Cross-site Scripting vulnerability in Yzmcms 5.3 A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. | 3.5 |
2019-09-26 | CVE-2019-16532 | Injection vulnerability in Yzmcms 5.3 An HTTP Host header injection vulnerability exists in YzmCMS V5.3. | 5.8 |
2019-09-21 | CVE-2019-16678 | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.3 admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route. | 4.3 |