CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme.
{ "extracted_events": [ { "introduced": "1.7" }, { "last_affected": "1.7" } ], "cpe": "cpe:2.3:a:cmsuno_project:cmsuno:1.7:*:*:*:*:*:*:*", "source": "CPE_STRING" }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-36654.json"