This page aggregates publicly disclosed CVE and security risk information related to cnvs, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-1000507 | Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code. | [email protected] | 5.4 | 0.32% | 2018-02-09 | 2024-11-21 |
| CVE-2017-8298 | cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Posts > Add New" action, and during creation of new tags and users. | [email protected] | 5.4 | 0.26% | 2017-04-27 | 2026-05-13 |