Symphony-cms Symphony_cms
4 CVEs affecting Symphony-cms Symphony_cms. Latest disclosed: 2024-08-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-41613 | Medium | 5.4 | 2024-08-13 | A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note. |
CVE-2024-41614 | Medium | 4.8 | 2024-08-13 | symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles. |
CVE-2011-4341 | | 2012-02-12 | Multiple SQL injection vulnerabilities in symphony/content/content.publish.php in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote auth… | |
CVE-2011-4340 | | 2012-02-12 | Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author… |