Fiyo: >> Fiyo Cms >> 2.0.6.1 Security Vulnerabilities
In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-06-17
Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit action.
CVSS Score
8.8
EPSS Score
0.068
Published
2017-03-12