compo CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

compo vulnerability overview

Aggregates CVE and security vulnerability intelligence across all compo-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Disclosed issues often relate to vendor risk cross-site scripting; exposure may include vendor impact session compromise in vendor surface production workloads and vendor surface software deployment contexts.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2021-38709 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS. [email protected] 6.1 0.32% 2021-08-16 2024-11-21
CVE-2021-38708 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS. [email protected] 5.4 0.30% 2021-08-16 2024-11-21
CVE-2018-6518 Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. [email protected] 4.8 0.29% 2018-04-26 2024-11-21
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence