This page aggregates publicly disclosed CVE and security risk information related to mineweb, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-1163 | Cross-site Scripting (XSS) - Stored in GitHub repository mineweb/minewebcms prior to next. | [email protected] | 4.8 | 3.51% | 2022-03-30 | 2026-06-17 |
| CVE-2020-18693 | Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'. | [email protected] | 5.4 | 0.99% | 2021-08-06 | 2026-06-16 |