Every CVE whose affected-product data names Neos Neos Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-30429 — CVSS 5.4 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script…
CVE-2023-37611 — CVSS 5.4 (medium): Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted…