dilicms 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk cross-site scripting and vendor risk csrf などに関し、一部は vendor impact session compromise を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-8440 | An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the third textbox (aka site logo) of "System setting->site setting" of admin/index.php, aka site_logo. | [email protected] | 4.8 | 0.68% | 2019-03-07 | 2024-11-21 |
| CVE-2019-8439 | An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of "System setting->site setting" of admin/index.php, aka site_domain. | [email protected] | 5.4 | 0.68% | 2019-03-07 | 2024-11-21 |
| CVE-2019-8438 | An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the first textbox of "System setting->site setting" of admin/index.php, aka site_name. | [email protected] | 4.8 | 0.68% | 2019-03-07 | 2024-11-21 |
| CVE-2018-19291 | An issue was discovered in DiliCMS 2.4.0. There is a CSRF vulnerability that can delete a user or group via an admin/index.php/user/del/1 or admin/index.php/role/del/2 URI. | [email protected] | 6.5 | 0.65% | 2018-11-15 | 2024-11-21 |
| CVE-2018-18210 | XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=site_attachment attachment_url parameter. | [email protected] | 6.1 | 0.86% | 2018-10-10 | 2024-11-21 |
| CVE-2018-18209 | XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=site_attachment attachment_type parameter. | [email protected] | 6.1 | 0.86% | 2018-10-10 | 2024-11-21 |
| CVE-2018-10430 | An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0. There is a Stored XSS Vulnerability in the fourth textbox of "System setting->site setting" of admin/index.php. | [email protected] | 4.8 | 0.67% | 2018-04-26 | 2024-11-21 |