Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12071 | 1 Anchorcms | 1 Anchor | 2020-04-27 | 3.5 LOW | 4.8 MEDIUM |
Anchor 0.12.7 allows admins to cause XSS via crafted post content. | |||||
CVE-2018-7251 | 1 Anchorcms | 1 Anchor | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred. |