Webboss Webboss.io Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Webboss Webboss.io Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-36339 — CVSS 7.5 (high): An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request.
CVE-2023-37742 — CVSS 6.1 (medium): WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.
CVE-2023-39096 — CVSS 5.4 (medium): WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding.