instantsoft/icms2 — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in instantsoft/icms2, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-4928	SQL Injection in instantsoft/icms2 CWE-89	9.8	-	2023-09-13
CVE-2023-4879	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 CWE-79	5.4	-	2023-09-10
CVE-2023-4878	Server-Side Request Forgery (SSRF) in instantsoft/icms2 CWE-918	7.5	-	2023-09-10
CVE-2023-4704	External Control of System or Configuration Setting in instantsoft/icms2 CWE-15	9.4	-	2023-09-01
CVE-2023-4654	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms2 CWE-614	5.3	-	2023-08-31
CVE-2023-4655	Cross-site Scripting (XSS) - Reflected in instantsoft/icms2 CWE-79	6.1	-	2023-08-31
CVE-2023-4653	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 CWE-79	5.4	-	2023-08-31
CVE-2023-4651	Server-Side Request Forgery (SSRF) in instantsoft/icms2 CWE-918	7.5	-	2023-08-31
CVE-2023-4650	Improper Access Control in instantsoft/icms2 CWE-284	6.5	-	2023-08-31
CVE-2023-4649	Session Fixation in instantsoft/icms2 CWE-384	7.6	-	2023-08-31
CVE-2023-4652	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 CWE-79	5.4	-	2023-08-31
CVE-2023-4381	Unverified Password Change in instantsoft/icms2 CWE-620	9.8	-	2023-08-16
CVE-2023-4189	Cross-site Scripting (XSS) - Reflected in instantsoft/icms2 CWE-79	6.1	-	2023-08-05
CVE-2023-4188	SQL Injection in instantsoft/icms2 CWE-89	9.8	-	2023-08-05
CVE-2023-4187	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 CWE-79	5.4	-	2023-08-05

All 15 known CVE vulnerabilities affecting instantsoft/icms2 with full Chinese analysis, references, and POCs where available.