Tribalsystems: >> Zenario >> 9.0.54156 Security Vulnerabilities
Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-03-14
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.
CVSS Score
7.2
EPSS Score
0.171
Published
2022-03-14