Skip to main content

Magnolia Cms

3 CVEs product

Monthly

CVE-2022-33098 MEDIUM POC THREAT This Month

Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.5%.

XSS Magnolia Cms
NVD Exploit-DB VulDB
CVSS 3.1
6.1
EPSS
50.5%
Threat
4.2
CVE-2021-25894 MEDIUM POC PATCH This Month

Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/members/login.html mgnlUserId parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Magnolia Cms
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-25893 MEDIUM POC This Month

Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the setText parameter of /magnoliaAuthor/.magnolia/. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Magnolia Cms
NVD
CVSS 3.1
5.4
EPSS
0.9%
EPSS 51% 4.2 CVSS 6.1
MEDIUM POC THREAT This Month

Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.5%.

XSS Magnolia Cms
NVD Exploit-DB VulDB
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/members/login.html mgnlUserId parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Magnolia Cms
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the setText parameter of /magnoliaAuthor/.magnolia/. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Magnolia Cms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy