Tribalsystems/zenario
This hub aggregates every CVE we track for Tribalsystems/zenario, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
22
CVEs tracked
3
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM14HIGH4CRITICAL3LOW1
Monthly trend
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Tribalsystems/zenario.
- CVE-2024-45960Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site...4.8
- CVE-2024-45964Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field.4.8
- CVE-2024-34461Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.9.8
- CVE-2024-34460The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. (This component was removed in 9.5.60602.)6.5
- CVE-2023-44769A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias.5.4
- CVE-2023-44771A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout.5.4
- CVE-2023-44770A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.5.4
- CVE-2022-44136Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).9.8
- CVE-2022-4231Tribal Systems Zenario CMS Remember Me session fixiation4.2
- CVE-2022-44070Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via News articles.5.4
- CVE-2022-44071Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile.5.4
- CVE-2022-44069Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via the Nest library module.5.4
- CVE-2022-44073Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via svg,Users & Contacts.5.4
- CVE-2020-36608Tribal Systems Zenario CMS Error Log Module admin_organizer.js cross site scripting3.5
- CVE-2021-41952Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS) via upload file to *.SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The...4.8
Product normalization is registry-driven with AI assist and human review. How it works