← Back

Anchor

anchor

Vendor: Anchorcms • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-12071
1Anchorcms
1Anchor
Nov 21, 2024
Apr 23, 2020
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Anchor 0.12.7 allows admins to cause XSS via crafted post content.
CVE-2018-7251
1Anchorcms
1Anchor
Nov 21, 2024
Feb 19, 2018
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.