Lucene search

Thirtybees Security Vulnerabilities

cve

CVE-2023-52264

The beesblog (aka Bees Blog) component before 1.6.2 for thirty bees allows Reflected XSS because controllers/front/post.php sharing_url is...

6.1CVSS

6AI Score

0.001EPSS

2023-12-30 11:15 PM

cve

CVE-2023-45957

A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error...

5.4CVSS

5.3AI Score

0.001EPSS

2023-12-22 04:15 PM

cve

CVE-2023-45958

Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. This vulnerability allows attackers to execute arbitrary JavaScript in the web browser of a user via a crafted...

6.1CVSS

6AI Score

0.0005EPSS

2023-10-18 10:15 PM