Microweber: community verdicts
2 notable / known-exploited Microweber CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Microweber CVE, see NVD ↗.
- CVE-2024-40101MED 6.1EPSS 1%
A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.
- CVE-2020-23136MED 5.5EPSS 0%
Microweber v1.1.18 is affected by no session expiry after log-out.