CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-43724
https://notcve.org/view.php?id=CVE-2021-43724
23 Feb 2022 — A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en Subrion CMS versiones hasta 4.2.1, en la funcionalidad Create Page de la Cuenta del administrador por medio de un archivo SGV • https://github.com/intelliants/subrion/issues/890 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-18366
https://notcve.org/view.php?id=CVE-2017-18366
12 Apr 2019 — Subrion CMS 4.1.5 has CSRF in blog/delete/. Subrion CMS 4.1.5 es vulnerable a un CSRF en blog/delete/. • https://github.com/intelliants/subrion/issues/477 • CWE-352: Cross-Site Request Forgery (CSRF) •