Vulnerabilities in opensource-workshop
6 resultsCVE-2026-32276HIGHConnect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study PluginEPSS 0.5%CVE-2026-32279MEDIUMConnect CMS has SSRF in the External Page Migration Feature of its Page Management PluginEPSS 0.3%CVE-2026-32277HIGHConnect-CMS has DOM-based Cross-Site Scripting (XSS) in the Cabinet Plugin List ViewEPSS 0.3%CVE-2026-32300HIGHConnect CMS: Improper Authorization in the My Page Profile Update Feature Allows Modification of Arbitrary User InformationEPSS 0.3%CVE-2026-32299HIGHConnect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrieval FeatureEPSS 0.3%CVE-2026-32278HIGHConnect CMS has Stored Cross-site Scripting (XSS) in the File Field of its Form PluginEPSS 0.2%