← Back

Comments

comments

Vendor: Verbb • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-13870
1Verbb
1Comments
Jun 17, 2026
Jun 5, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name.
CVE-2020-13869
1Verbb
1Comments
Jun 17, 2026
Jun 5, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name.
CVE-2020-13868
1Verbb
1Comments
Jun 17, 2026
Jun 5, 2020
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity.