Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12101 | 1 Clippercms | 1 Clippercms | 2019-08-26 | 3.5 LOW | 5.4 MEDIUM |
| CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields. | |||||
| CVE-2018-13998 | 1 Clippercms | 1 Clippercms | 2018-09-04 | 3.5 LOW | 4.8 MEDIUM |
| ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. | |||||
| CVE-2018-13106 | 1 Clippercms | 1 Clippercms | 2018-08-31 | 3.5 LOW | 4.8 MEDIUM |
| ClipperCMS 1.3.3 has stored XSS via the "Tools -> Configuration" screen of the manager/ URI. | |||||
| CVE-2018-11572 | 1 Clippercms | 1 Clippercms | 2018-06-27 | 3.5 LOW | 5.4 MEDIUM |
| ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI. | |||||
| CVE-2018-11332 | 1 Clippercms | 1 Clippercms | 2018-06-25 | 3.5 LOW | 4.8 MEDIUM |
| Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file. | |||||