Microweber: >> Microweber Security Vulnerabilities
Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-04-13
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.
CVSS Score
7.4
EPSS Score
0.001
Published
2023-04-05
Command Injection in GitHub repository microweber/microweber prior to 1.3.3.
CVSS Score
6.1
EPSS Score
0.005
Published
2023-04-05
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.
CVSS Score
5.7
EPSS Score
0.001
Published
2023-02-28
Microweber is a drag and drop website builder and content management system. Versions 1.2.12 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. A fix was attempted in versions 1.2.9 and 1.2.12, but it is incomplete.
CVSS Score
6.1
EPSS Score
0.009
Published
2023-02-21
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-02-01
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.
CVSS Score
4.7
EPSS Score
0.009
Published
2022-12-27
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.
CVSS Score
5.1
EPSS Score
0.002
Published
2022-12-22
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.
CVSS Score
2.7
EPSS Score
0.006
Published
2022-12-21
Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.
CVSS Score
6.1
EPSS Score
0.008
Published
2022-11-25