Skip to main content

Neos Cms

2 CVEs product

Monthly

CVE-2023-37611 PHP MEDIUM POC PATCH This Month

Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Neos Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-30429 PHP MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neos Cms
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Neos Cms
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neos Cms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy