📦 Tendenci

CVE-2020-14942 is a critical deserialization vulnerability in Tendenci 12.0.10 that allows remote code execution by exploiting unrestricted deserialization in the helpdesk staff view. This affects all...

A stored cross-site scripting vulnerability in Tendenci CMS allows attackers to inject malicious scripts into the Jobs module. When users view affected job listings, the scripts execute in their brows...

A stored cross-site scripting (XSS) vulnerability in Tendenci CMS v15.3.7 allows attackers to inject malicious scripts into forum posts that execute when other users view them. This affects all Tenden...

This critical vulnerability allows authenticated staff users in Tendenci CMS to execute arbitrary code on the server through unsafe Python pickle deserialization in the Helpdesk module's run_report() ...