MidnightBSD

Advisories for webboss

CVE-2023-36339

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request.

Products Affected

Vendor Product Version
webboss webboss.io_cms *
CVE-2023-37742

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.

Products Affected

Vendor Product Version
webboss webboss.io_cms *
CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding.

Products Affected

Vendor Product Version
webboss webboss.io_cms 3.7.0.1
CVE-2023-39097

WebBoss.io CMS v3.7.0.1 contains a stored cross-site scripting (XSS) vulnerability.

Products Affected

Vendor Product Version
webboss webboss.io_cms 3.7.0.1