Vulnerabilities in xibosignage
20 resultsCVE-2023-33177HIGHXibo CMS vulnerable to Remote Code Execution through Zip SlipEPSS 7.1%CVE-2025-62369HIGHXibo CMS: Remote Code Execution through module templatesEPSS 0.9%CVE-2024-29023HIGHSession Hijacking via token exposure on the session page in Xibo CMSEPSS 0.8%CVE-2024-29022HIGHSession Hijacking via XSS attack in header and session grid in Xibo CMSEPSS 0.7%CVE-2023-33178MEDIUMSensitive Information Disclosure abusing SQL Injection in Xibo CMS dataset filterEPSS 0.6%CVE-2023-33179MEDIUMSensitive Information Disclosure abusing SQL Injection in Xibo CMS nameFilterEPSS 0.6%CVE-2023-33180MEDIUMSensitive Information Disclosure abusing SQL Injection in Xibo CMS display mapEPSS 0.6%CVE-2023-33181MEDIUMSensitive Information Disclosure abusing Stack Trace in Xibo CMSEPSS 0.5%CVE-2024-41802HIGHXibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Data ImportEPSS 0.5%CVE-2024-41803MEDIUMXibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet FilterEPSS 0.4%CVE-2024-41944MEDIUMSensitive Information Disclosure abusing SQL Injection in Xibo CMS proof of play reportEPSS 0.4%CVE-2024-41804MEDIUMXibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Column FormulaEPSS 0.4%CVE-2026-42141HIGHXibo: Authenticated Server-Side Request Forgery (SSRF) in Library Upload via URL functionalityEPSS 0.4%CVE-2026-31955MEDIUMXibo CMS has Authenticated Server-Side Request Forgery (SSRF) in Remote DataSet FunctionalityEPSS 0.3%CVE-2026-31956MEDIUMXibo CMS has Preview and SavedReport IDOR via disableUserCheck without controller-level authorizationEPSS 0.3%CVE-2024-43413LOWXibo CMS XSS vulnerability using DataSet HTML columnsEPSS 0.3%CVE-2024-43412MEDIUMXibo CMS XSS vulnerability when previewing files uploaded to the library containing HTML/JSEPSS 0.3%CVE-2026-31952HIGHXibo CMS API has SQL Injection via DataSet Filter ParameterEPSS 0.2%CVE-2026-31953MEDIUMXibo CMS has Stored XSS via Notification Body with Zero-Click Execution on LoginEPSS 0.1%CVE-2026-42558HIGHXibo Vulnerable to Stored XSS and Iframe Sandbox Escape via Data Connector Script in DataSetEPSS 0.1%