Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Coins-global Subscribe
Filtered by product Coins Construction Cloud
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45227 1 Coins-global 1 Coins Construction Cloud 2022-04-21 3.5 LOW 5.4 MEDIUM
An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAME elements, the file upload functionality is vulnerable to a persistent Cross-Site Scripting (XSS) attack.
CVE-2021-45228 1 Coins-global 1 Coins Construction Cloud 2022-04-21 3.5 LOW 5.4 MEDIUM
An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user.