Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NNotrinos Notrinoserp
APPNotrinos< 0.7
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Powiązane podatności
CVE-2022-2927CRITICAL9.8ten sam produkt
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2023-24788HIGH8.8ten sam produkt
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /Not...
CVE-2022-2921HIGH8.8ten sam produkt
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp pr...
CVE-2022-2965MEDIUM4.3ten sam produkt
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.