Intelliants: community verdicts
3 notable / known-exploited Intelliants CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Intelliants CVE, see NVD ↗.
- CVE-2020-18324MED 6.1EPSS 3%
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
- CVE-2020-18326HIGH 8.8Real · low riskEPSS 2%
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
- CVE-2020-18325MED 6.1EPSS 2%
Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.