← Back

Laracms

laracms

Vendor: Laracms Project • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-20131
1Laracms Project
1Laracms
Nov 21, 2024
Sep 29, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.
CVE-2020-20129
1Laracms Project
1Laracms
Nov 21, 2024
Sep 29, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.
CVE-2020-20128
1Laracms Project
1Laracms
Nov 21, 2024
Sep 29, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.