COOEY // HUBcompliance · community · intelligence

FAIL › dossier

pyrocms vendor

1
failure events
0
zero-days
0
RCEs
0
on KEV
1
critical
35
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2022-11-25 CVE-2022-37721 critical 35 PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.
2022-11-25 CVE-2022-37721 critical 35 PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.