Evolutioncms/evolution
This hub aggregates every CVE we track for Evolutioncms/evolution, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Evolutioncms/evolution.
- CVE-2023-43340Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmsp...5.2
- CVE-2023-43341Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter.6.1
- CVE-2018-16637Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.5.4
- CVE-2018-16638Evolution CMS 1.4.x allows XSS via the manager/ search parameter.5.4
Product normalization is registry-driven with AI assist and human review. How it works