Anchorcms: >> Anchor Cms >> 0.8.1 Security Vulnerabilities
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious operations.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-12-15
Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-09-07
models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attackers to inject arbitrary headers into mail messages via a crafted Host: header.
CVSS Score
4.3
EPSS Score
0.002
Published
2014-12-02