instantsoft — Vulnerabilities & Security Advisories 20

Browse all 20 CVE security advisories affecting instantsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by instantsoft:instantsoft/icms2 icms2

CVE ID	Title	CVSS	Severity	Published
CVE-2026-28281	InstantCMS has Multiple CSRF Vulnerabilities — icms2CWE-352	7.1	High	2026-03-09
CVE-2025-59055	InstantCMS vulnerable to Server-Side Request Forgery via package installer — icms2CWE-918	4.7	Medium	2025-09-11
CVE-2024-50348	InstantCMS has a Cross Site Scripting Vulnerability — icms2CWE-79	5.4	Medium	2024-10-29
CVE-2024-31213	InstantCMS Open Redirect vulnerability — icms2CWE-601	3.5	Low	2024-04-05
CVE-2024-31212	SQL injection in index_chart_data action — icms2CWE-89	6.7	Medium	2024-04-04
CVE-2023-4928	SQL Injection in instantsoft/icms2 — instantsoft/icms2CWE-89	9.8	-	2023-09-13
CVE-2023-4879	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 — instantsoft/icms2CWE-79	5.4	-	2023-09-10
CVE-2023-4878	Server-Side Request Forgery (SSRF) in instantsoft/icms2 — instantsoft/icms2CWE-918	7.5	-	2023-09-10
CVE-2023-4704	External Control of System or Configuration Setting in instantsoft/icms2 — instantsoft/icms2CWE-15	9.4	-	2023-09-01
CVE-2023-4654	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms2 — instantsoft/icms2CWE-614	5.3	-	2023-08-31
CVE-2023-4655	Cross-site Scripting (XSS) - Reflected in instantsoft/icms2 — instantsoft/icms2CWE-79	6.1	-	2023-08-31
CVE-2023-4649	Session Fixation in instantsoft/icms2 — instantsoft/icms2CWE-384	7.6	-	2023-08-31
CVE-2023-4650	Improper Access Control in instantsoft/icms2 — instantsoft/icms2CWE-284	6.5	-	2023-08-31
CVE-2023-4651	Server-Side Request Forgery (SSRF) in instantsoft/icms2 — instantsoft/icms2CWE-918	7.5	-	2023-08-31
CVE-2023-4653	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 — instantsoft/icms2CWE-79	5.4	-	2023-08-31
CVE-2023-4652	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 — instantsoft/icms2CWE-79	5.4	-	2023-08-31
CVE-2023-4381	Unverified Password Change in instantsoft/icms2 — instantsoft/icms2CWE-620	9.8	-	2023-08-16
CVE-2023-4189	Cross-site Scripting (XSS) - Reflected in instantsoft/icms2 — instantsoft/icms2CWE-79	6.1	-	2023-08-05
CVE-2023-4188	SQL Injection in instantsoft/icms2 — instantsoft/icms2CWE-89	9.8	-	2023-08-05
CVE-2023-4187	Cross-site Scripting (XSS) - Stored in instantsoft/icms2 — instantsoft/icms2CWE-79	5.4	-	2023-08-05

This page lists every published CVE security advisory associated with instantsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

instantsoft — Vulnerabilities & Security Advisories 20